jonmeredith commented on pull request #1027: URL: https://github.com/apache/cassandra/pull/1027#issuecomment-906692004
@tolbertam gave me a hand to test this out in our environment using a custom class derived from FileBasedSslContextFactory and it worked well for us for internode (we haven't had a chance to test clients or filesystem-timestamp based reloading yet).

From the test I have some usability feedback - the first attempt at configuration failed because I set the `keystore` / `truststore` in the parameterized class parameters and they were silently overwritten from the ones in `EncryptionOptions`. I think this could be an easy source of security misconfiguration bugs. The two options I can think of are:

1) Prevent the copied values from being set in the parameters and throw an IllegalArgumentException preventing startup.
2) Only copy the `EncryptionOption` version if there is no parameter set and log a warning if they are both set.

I think I prefer option one as it is unambiguous from reading the configuration which setting is being used, wdyt?
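The two options proposed in the comment above, sketched as an added example; this is not Cassandra's code and not part of the pull request. The class and method names and the sample paths are hypothetical, and only `keystore` and `truststore` (the keys the comment names) are treated as copied keys.

```java
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.TreeSet;

// Hypothetical helper, not Cassandra code: merges the file settings from the
// top-level encryption options into the SSL context factory parameters.
public class SslFactoryParameterMerge {
    // Keys named in the comment; the real set of copied keys is an assumption.
    static final List<String> COPIED_KEYS = List.of("keystore", "truststore");

    // Option 1: a copied key set in the factory parameters aborts startup.
    static Map<String, Object> mergeStrict(Map<String, Object> factoryParams,
                                           Map<String, Object> encryptionOptions) {
        TreeSet<String> clashes = new TreeSet<>(factoryParams.keySet());
        clashes.retainAll(COPIED_KEYS);
        if (!clashes.isEmpty())
            throw new IllegalArgumentException(clashes + " must not be set in the factory parameters");
        Map<String, Object> merged = new LinkedHashMap<>(factoryParams);
        for (String key : COPIED_KEYS)
            if (encryptionOptions.containsKey(key))
                merged.put(key, encryptionOptions.get(key));
        return merged;
    }

    // Option 2: the factory parameter wins; a key set in both places is reported.
    static Map<String, Object> mergeLenient(Map<String, Object> factoryParams,
                                            Map<String, Object> encryptionOptions,
                                            List<String> warnings) {
        Map<String, Object> merged = new LinkedHashMap<>(factoryParams);
        for (String key : COPIED_KEYS) {
            if (!encryptionOptions.containsKey(key)) continue;
            if (merged.containsKey(key))
                warnings.add(key + " is set in both places; using the factory parameter");
            else
                merged.put(key, encryptionOptions.get(key));
        }
        return merged;
    }

    public static void main(String[] args) {
        // Constructed sample configuration: keystore is set in both places.
        Map<String, Object> params = Map.of("keystore", "/etc/example/factory.jks");
        Map<String, Object> options = Map.of("keystore", "/etc/example/node.jks",
                                             "truststore", "/etc/example/trust.jks");
        List<String> warnings = new ArrayList<>();
        System.out.println(mergeLenient(params, options, warnings) + " " + warnings);
        try { mergeStrict(params, options); }
        catch (IllegalArgumentException e) { System.out.println("startup refused: " + e.getMessage()); }
    }
}
```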

