[
https://issues.apache.org/jira/browse/ACCUMULO-1009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13771493#comment-13771493
]
Michael Berman commented on ACCUMULO-1009:
------------------------------------------
Anyone else want to weigh in? It seems pretty clear that neither of us is
going to convince the other. Just looked over the jetty and tomcat SSL howtos,
btw, and both have special settings in their conf to set where to find
keystores and truststores. JSSE is a nice dream, but I don't believe it's so
universally supported that anything can be asserted about "any other Java
application." It is true that neither provides a tool to help provision certs,
but also neither of them are typically deployed in massive clusters where it
makes sense for them to have their own dedicated root. Wanting to limit scope
is a fair point, but I think dramatically easing setup of what I imagine to be
the most common deployment pattern is worth it. We could ask people to create
their own accumulo tree in HDFS (and plenty of other hadoop-based tools' first
step is "run this hadoop command..."), but instead we have init do it because
complicated install procedures are a huge barrier to adoption.
> Support encryption over the wire
> --------------------------------
>
> Key: ACCUMULO-1009
> URL: https://issues.apache.org/jira/browse/ACCUMULO-1009
> Project: Accumulo
> Issue Type: New Feature
> Reporter: Keith Turner
> Assignee: Michael Berman
> Fix For: 1.6.0
>
> Attachments: ACCUMULO-1009_thriftSsl.patch
>
>
> Need to support encryption between ACCUMULO clients and servers. Also need
> to encrypt communications between server and servers.
> Basically need to make it possible for users to enable SSL+thrift.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
