[jira] [Updated] (HBASE-25267) Add SSL keystore type and truststore related configs for HBase RESTServer

Tue, 10 Nov 2020 15:58:01 -0800 


     [ 
https://issues.apache.org/jira/browse/HBASE-25267?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Mate Szalay-Beko updated HBASE-25267:
-------------------------------------
    Description: 
The RESTServer currently relies on the following parameters to configure SSL on 
the REST API:
 * {{hbase.rest.ssl.enabled}}
 * {{hbase.rest.ssl.keystore.store}}
 * {{hbase.rest.ssl.keystore.password}}
 * {{hbase.rest.ssl.keystore.keypassword}}
 * {{hbase.rest.ssl.exclude.cipher.suites}}
 * {{hbase.rest.ssl.include.cipher.suites}}
 * {{hbase.rest.ssl.exclude.protocols}}
 * {{hbase.rest.ssl.include.protocols}}

In this patch I want to introduce the following new parameters:
 * {{hbase.rest.ssl.keystore.type}}
 * {{hbase.rest.ssl.truststore.store}}
 * {{hbase.rest.ssl.truststore.password}}
 * {{hbase.rest.ssl.truststore.type}}

If any of the new the parameter is not provided, then we should fall-back to 
the current behaviour (e.g. assuming JKS keystore/truststore types, or no 
passwords, or no custom trust store file).

  was:
The keystore configuration of the RESTServer currently relies on the following 
parameters to configure SSL:
 * hbase.rest.ssl.enabled
 * hbase.rest.ssl.keystore.store
 * hbase.rest.ssl.keystore.password
 * hbase.rest.ssl.keystore.keypassword
 * hbase.rest.ssl.exclude.cipher.suites
 * hbase.rest.ssl.include.cipher.suites
 * hbase.rest.ssl.exclude.protocols
 * hbase.rest.ssl.include.protocols

In this patch I want to introduce the following new parameters:
 * {{hbase.rest.ssl.keystore.type}}
 * {{hbase.rest.ssl.truststore.store}}
 * {{hbase.rest.ssl.}}{{truststore}}{{.password}}
 * {{hbase.rest.ssl.}}{{truststore}}{{.type}}

If any of the new the parameter is not provided, then we should fall-back to 
the current behaviour (e.g. assuming JKS keystore/truststore types, or no 
passwords, or no custom trust store file).


> Add SSL keystore type and truststore related configs for HBase RESTServer
> -------------------------------------------------------------------------
>
>                 Key: HBASE-25267
>                 URL: https://issues.apache.org/jira/browse/HBASE-25267
>             Project: HBase
>          Issue Type: Improvement
>          Components: REST
>            Reporter: Mate Szalay-Beko
>            Assignee: Mate Szalay-Beko
>            Priority: Major
>
> The RESTServer currently relies on the following parameters to configure SSL 
> on the REST API:
>  * {{hbase.rest.ssl.enabled}}
>  * {{hbase.rest.ssl.keystore.store}}
>  * {{hbase.rest.ssl.keystore.password}}
>  * {{hbase.rest.ssl.keystore.keypassword}}
>  * {{hbase.rest.ssl.exclude.cipher.suites}}
>  * {{hbase.rest.ssl.include.cipher.suites}}
>  * {{hbase.rest.ssl.exclude.protocols}}
>  * {{hbase.rest.ssl.include.protocols}}
> In this patch I want to introduce the following new parameters:
>  * {{hbase.rest.ssl.keystore.type}}
>  * {{hbase.rest.ssl.truststore.store}}
>  * {{hbase.rest.ssl.truststore.password}}
>  * {{hbase.rest.ssl.truststore.type}}
> If any of the new the parameter is not provided, then we should fall-back to 
> the current behaviour (e.g. assuming JKS keystore/truststore types, or no 
> passwords, or no custom trust store file).



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to