[
https://issues.apache.org/jira/browse/STORM-4070?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Richard Zowalla closed STORM-4070.
----------------------------------
> mTls support
> ------------
>
> Key: STORM-4070
> URL: https://issues.apache.org/jira/browse/STORM-4070
> Project: Apache Storm
> Issue Type: New Feature
> Reporter: Purshotam Shah
> Priority: Major
> Fix For: 2.6.4
>
> Time Spent: 3h 40m
> Remaining Estimate: 0h
>
> Currently, Storm only supports *SASL* (Simple Authentication and Security
> Layer) and *Kerberos* for authentication. However, a more modern and
> increasingly popular method is *mTLS* (Mutual Transport Layer Security).
> *mTLS* leverages SSL/TLS certificates for authentication and encryption,
> ensuring that both the client and server can verify each other's identities.
> This dual verification process provides an additional security layer compared
> to traditional methods.
> For organizations already using trusted certificates within their
> infrastructure, integrating mTLS can be more straightforward. It allows them
> to use the existing certificate management systems, reducing the need for
> separate authentication setups.
> In cloud environments, *mTLS* is often the preferred choice for securing
> communications. By addressing both encryption and authentication in a single
> solution, mTLS simplifies the configuration process while enhancing overall
> security.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
