Hi, control script [1] uses REST API You can disable it or set up secret keys, SSL, etc, as described in the docs [2]
To do that from .NET, use IgniteConfiguration.SpringConfigUrl property [3] [1] https://ignite.apache.org/docs/latest/tools/control-script [2] https://ignite.apache.org/docs/latest/restapi [3] https://ignite.apache.org/docs/latest/net-specific/net-configuration-options#configure-with-spring-xml On Mon, Sep 16, 2024 at 9:35 AM <satyajit.man...@barclays.com> wrote: > Hi Pavel, > > > > How can we prevent self-management scripts ( Control scripts) to > join the cluster which has TLS/SSL enabled. Currently without > certificates it is able to join the cluster though TLS/SSL is enabled > in Ignite .NET Cluster. > > > > Is there any setting on server nodes which we are missing? Can’t > find this setting in Ignite .NET library ( > *ConnectorConfiguration.sslClientAuth=true* ) > > > > Under this documentation nothing is mentioned > > > > https://ignite.apache.org/docs/latest/security/ssl-tls > > > > > > Found this under Gridgain documentation but can’t find this on > Ignite documentation. > > https://www.gridgain.com/docs/latest/administrators-guide/security/ssl-tls > > *Management Tools SSL/TLS Authentication* > > By default, management scripts such as control.sh|bat, management.sh|bat, > and snapshot-utility.sh|bat are not required to have client certificates. > > To enable client certificate validation, set > *ConnectorConfiguration.sslClientAuth=true* on the server nodes. > > > > Regards > > Satyajit > > > > > > > > > > > > > > > > Restricted - External > > Barclays Execution Services Limited registered in England. Registered No. > 1767980. Registered office: 1 Churchill Place, London, E14 5HP > > Barclays Execution Services Limited provides support and administrative > services across Barclays group. Barclays Execution Services Limited is an > appointed representative of Barclays Bank UK plc and Barclays Bank plc. > Barclays Bank UK plc and Barclays Bank plc are authorised by the Prudential > Regulation Authority and regulated by the Financial Conduct Authority and > the Prudential Regulation Authority. > > This email and any attachments are confidential and intended solely for > the addressee and may also be privileged or exempt from disclosure under > applicable law. If you are not the addressee, or have received this email > in error, please notify the sender and immediately delete it and any > attachments from your system. Do not copy, use, disclose or otherwise act > on any part of this email or its attachments. > > Internet communications are not guaranteed to be secure or virus-free. The > Barclays group does not accept responsibility for any loss arising from > unauthorised access to, or interference with, any internet communications > by any third party, or from the transmission of any viruses. Replies to > this email may be monitored by the Barclays group for operational or > business reasons. > > Any opinion or other information in this email or its attachments that > does not relate to the business of the Barclays group is personal to the > sender and is not given or endorsed by the Barclays group. > > Unless specifically indicated, this e-mail is not an offer to buy or sell > or a solicitation to buy or sell any securities, investment products or > other financial product or service, an official confirmation of any > transaction, or an official statement of Barclays. >
