[ https://issues.apache.org/jira/browse/CASSANDRA-17513?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17525961#comment-17525961 ]
Maulin Vasavada edited comment on CASSANDRA-17513 at 4/21/22 6:38 PM:
----------------------------------------------------------------------

Thank you [~djoshi] for considering the suggestion for the ticket title. I've thought about it (experimented a little also) and talked to some of the more 'security' experts, and I agree with the approach to have a separate keystore for client vs server certs for internode connections in case we need to have client auth enabled. While Java keystores provide the ability to store multiple keys in them, for a variety of reasons (some of which you already mentioned in your latest comment) it makes sense to keep client vs server keys separate.

Given that we would need a different keystore for client TLS auth for the internode connection, what if somebody wants to use the same certs for client as well as server auth? -Would they be required to copy it to a separate keystore, OR would the code changes have a fallback when the 'outbound keystore' (as the current PR refers to it) is not configured?- I realized that they can configure the same path for the 'outbound keystore' in that case.

> Adding support for TLS client authentication for internode communication
> ------------------------------------------------------------------------
>
> Key: CASSANDRA-17513
> URL: https://issues.apache.org/jira/browse/CASSANDRA-17513
> Project: Cassandra
> Issue Type: Bug
> Reporter: Jyothsna Konisa
> Assignee: Jyothsna Konisa
> Priority: Normal
> Time Spent: 1h 20m
> Remaining Estimate: 0h
>
> The same keystore is being set for both inbound and outbound connections, but we
> should use a keystore with the server certificate for inbound connections and a
> keystore with client certificates for outbound connections. So we should add
> a new property in Cassandra.yaml to pass the outbound keystore and use it in
> SSLContextFactory for creating the outbound SSL context.

--
This message was sent by Atlassian Jira
(v8.20.7#820007)