[
https://issues.apache.org/jira/browse/CASSANDRA-8803?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14634665#comment-14634665
]
Norman Maurer commented on CASSANDRA-8803:
------------------------------------------
[~brandon.williams] you can assign this to me if you like... I will work on a
patch
> Implement transitional mode in C* that will accept both encrypted and
> non-encrypted client traffic
> --------------------------------------------------------------------------------------------------
>
> Key: CASSANDRA-8803
> URL: https://issues.apache.org/jira/browse/CASSANDRA-8803
> Project: Cassandra
> Issue Type: Improvement
> Components: Core
> Reporter: Vishy Kasar
> Fix For: 2.0.x
>
>
> We have some non-secure clusters taking live traffic in production from
> active clients. We want to enable client to node encryption on these
> clusters. Once we set the client_encryption_options enabled to true in yaml
> and bounce a cassandra node in the ring, the existing clients that do not do
> SSL will fail to connect to that node.
> There does not seem to be a good way to roll this change with out taking an
> outage. Can we implement a transitional mode in C* that will accept both
> encrypted and non-encrypted client traffic? We would enable this during
> transition and turn it off after both server and client start talking SSL.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
