[ https://issues.apache.org/jira/browse/GEODE-420?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15273136#comment-15273136 ]
Bruce Schuchardt commented on GEODE-420: ---------------------------------------- Rather than complicate things by adding yet another set of SSL settings just for locator communication we propose this alternative: The cluster-ssl settings apply to communication internal to the cluster, including communication with the locator. The server-ssl settings apply to communication external to the cluster, including communication with the locator. The locator can be started with two ports. The "--port" setting is configured with cluster-ssl settings. A new "--server-port" setting will specify a server port that is configured with server-ssl settings. Implementation notes: This will bind the locator's main port to the same settings as the DistributedSystem's cluster port (in TCPConduit) as it is presently and it will bind the locator's server-port to the same settings as the CacheServer's port (in AcceptorImpl). TcpServer will have two server threads, one for each of the ports. TcpClient will be modified to be stateful and hold a properly configured SocketCreator. > locator ssl configuration > ------------------------- > > Key: GEODE-420 > URL: https://issues.apache.org/jira/browse/GEODE-420 > Project: Geode > Issue Type: New Feature > Components: locator > Reporter: Darrel Schneider > Assignee: Bruce Schuchardt > > We currently allow separate SSL configuration for cluster, server, gateway, > jmx-manager, and http-service. > The "server" attributes configure the ssl connections from clients to a cache > server. > The "gateway" attributes configure the ssl connections between a gateway > sender and receiver. > The "jmx-manager" attributes configure the ssl connections between an admin > client (for example gfsh) and the jmx-manager. > The "http-service" attributes configure the ssl connections between REST > clients and the http-service. > The "cluster" attributes configure the ssl connections between the members of > a distributed system (peer-to-peer connections) AND to the locators. > Using "cluster" for the connections to a locator can be a problem. > Say you trust all your members of a distributed system since they are running > on your private network. So no need for ssl on the p2p connections. > So you disable cluster-ssl. These means that your peers are locators are all > using unsecure connections. > But some of these members are hosting a cache server and have clients > connecting to them. So you configure "server" ssl for the client to server > connections. But for your clients to find you servers they need to talk to > the locator. Since the clients are coming from the outside world you want > them to use SSL. So you configure "server" ssl on them for when they connect > to the cache server and "cluster" SSL on them for when they connect to the > locator. But your locators are configured with "cluster" SSL disabled so that > the p2p connects on the internal network will not be SSL. > So you are either forced to have you client to locator connections to be > unsecure or you need to secure all the cluster connections forcing the peers > to also use SSL. > I think we should introduce "locator" SSL configuration options that would > allow you to have just the locator and server using SSL and the "cluster" to > have SSL disabled. > Something else to consider would be for the locator to be able to use SSL for > clients but non-SSL for locator-to-locator and peers-to-locator connections. > I think this would be more complicated because we would need to have > different ports that the locator listens on (one for clients and one for > locators and members). > -- This message was sent by Atlassian JIRA (v6.3.4#6332)