[
https://issues.apache.org/jira/browse/CASSANDRA-18124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17703956#comment-17703956
]
Tibor Repasi commented on CASSANDRA-18124:
------------------------------------------
I've tested it, looks good. I haven't tested with intermediate CA certificates
for now, but that wasn't the issue either.
One small suggestion: currently the configuration example can only be found on
the website, would you mind to put configuration examples using
PEMBasedSslContextFactory into the comments of cassandra.yaml? That would lower
the setup threshold.
> Config parameter keystore_password should be nullable
> -----------------------------------------------------
>
> Key: CASSANDRA-18124
> URL: https://issues.apache.org/jira/browse/CASSANDRA-18124
> Project: Cassandra
> Issue Type: Bug
> Components: Local/Config
> Reporter: Tibor Repasi
> Assignee: Maulin Vasavada
> Priority: Normal
> Fix For: 4.1.x, 5.x
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Some SSL configuration may pass unencrypted private keys. PEMReader might
> accept that by assuming keyPassword to be null in that case (e.g.
> https://github.com/apache/cassandra/blob/f9e033f519c14596da4dc954875756a69aea4e78/src/java/org/apache/cassandra/security/PEMReader.java#L103).
> Current configuration reader does not accept keystore_password parameter to
> be set null or empty in the cassandra.yaml.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
