[
https://issues.apache.org/jira/browse/FALCON-274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13879927#comment-13879927
]
Jean-Baptiste Onofré commented on FALCON-274:
---------------------------------------------
Currently, we use openwire directly, bound to all network interfaces. Using
embedded broker, the user can only define the port number, not the protocol
(hardcoded to tcp), not the network interface (hardcoded to 0.0.0.0 so all
interfaces).
I propose to let the user define the transport connector URL.
Thanks to that, it would be possible:
to bind to given network interface (for instance localhost or specific
interface IP)
use OpenWire over SSL (using a transport like ssl://0.0.0.0:61616 instead
of tcp). In conf/falcon-env.sh, the user can defines his keystore (using
-Djavax.net.ssl.keyStore=/path/to/falcon.ks
-Djavax.net.ssl.keyStorePassword=password). The messaging interface in the
cluster entity should use properties to contain keystore in order to correctly
create the connection factory.
eventually define clientAuth (using a transport like
ssl://localhost:61616?transport.needClientAuth=true) and provide a
keystore/truststore
I'm preparing a patch for that including update on the documentation.
> Add broker ssl transport connector support
> ------------------------------------------
>
> Key: FALCON-274
> URL: https://issues.apache.org/jira/browse/FALCON-274
> Project: Falcon
> Issue Type: Sub-task
> Reporter: Jean-Baptiste Onofré
> Assignee: Jean-Baptiste Onofré
>
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
