[
https://issues.apache.org/jira/browse/GEODE-7166?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Darrel Schneider updated GEODE-7166:
------------------------------------
Description:
In ConfigurationProperties the following javadocs say:
{noformat}
/**
* The static String definition of the <i>"ssl-enabled-components"</i>
property <a
* name="ssl-enabled-components"/a>
* </p>
* <U>Description</U>: This setting is a comma delimited fields which works
in conjunction with
* the {@link #CLUSTER_SSL_PREFIX} properties. This property will determine
which components will
* use SSL for their communications.
{noformat}
The truth is that this property causes a bunch of CLUSTER_SSL_PREFIX properties
to be ignored. The docs on CLUSTER_SSL_PREFIX are correct when they say it is
deprecated and instead you should use ssl-* and ssl-enabled-components. The
properties that will be used depending on what is added to
ssl-enabled-components are the
{noformat}
ssl-*-alias
{noformat}
properties. Except for ssl-default-alias, the
{noformat}
ssl-*-alias
{noformat}
properties will only be used if their component name (i.e. web, cluster) are
in the ssl-enabled-components list.
Another problem with the docs and ssl-enabled-components is that it does not
mention "locator" as a valid component.
was:
In ConfigurationProperties the following javadocs say:
{noformat}
/**
* The static String definition of the <i>"ssl-enabled-components"</i>
property <a
* name="ssl-enabled-components"/a>
* </p>
* <U>Description</U>: This setting is a comma delimited fields which works
in conjunction with
* the {@link #CLUSTER_SSL_PREFIX} properties. This property will determine
which components will
* use SSL for their communications.
{noformat}
The truth is that this property causes a bunch of CLUSTER_SSL_PREFIX properties
to be ignored. The docs on CLUSTER_SSL_PREFIX are correct when they say it is
deprecated and instead you should use ssl-* and ssl-enabled-components. The
properties that will be used depending on what is added to
ssl-enabled-components are the ssl-*-alias properties. Except for
ssl-default-alias, the ssl-*-alias properties will only be used if their
component name (i.e. web, cluster) are in the ssl-enabled-components list.
Another problem with the docs and ssl-enabled-components is that it does not
mention "locator" as a valid component.
> ssl-enabled-components gemfire property documentation is wrong
> --------------------------------------------------------------
>
> Key: GEODE-7166
> URL: https://issues.apache.org/jira/browse/GEODE-7166
> Project: Geode
> Issue Type: Bug
> Components: docs, security
> Reporter: Darrel Schneider
> Priority: Major
>
> In ConfigurationProperties the following javadocs say:
> {noformat}
> /**
> * The static String definition of the <i>"ssl-enabled-components"</i>
> property <a
> * name="ssl-enabled-components"/a>
> * </p>
> * <U>Description</U>: This setting is a comma delimited fields which works
> in conjunction with
> * the {@link #CLUSTER_SSL_PREFIX} properties. This property will determine
> which components will
> * use SSL for their communications.
> {noformat}
> The truth is that this property causes a bunch of CLUSTER_SSL_PREFIX
> properties to be ignored. The docs on CLUSTER_SSL_PREFIX are correct when
> they say it is deprecated and instead you should use ssl-* and
> ssl-enabled-components. The properties that will be used depending on what is
> added to ssl-enabled-components are the
> {noformat}
> ssl-*-alias
> {noformat}
> properties. Except for ssl-default-alias, the
> {noformat}
> ssl-*-alias
> {noformat}
> properties will only be used if their component name (i.e. web, cluster) are
> in the ssl-enabled-components list.
> Another problem with the docs and ssl-enabled-components is that it does not
> mention "locator" as a valid component.
--
This message was sent by Atlassian Jira
(v8.3.2#803003)
