[
https://issues.apache.org/jira/browse/IGNITE-6168?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16138272#comment-16138272
]
Ilya Kasnacheev commented on IGNITE-6168:
-----------------------------------------
[~jens.borgland] This looks like an issue indeed, because it is possible for
two nodes to be stuck in "discovered but not connected and trying to connect
forever" livelock state for good as I have just confirmed. I think that mutual
TLS should be the only option in TcpDiscoverySpi.
> Ability to use TLS client authentication in the TcpDiscoverySpi
> ---------------------------------------------------------------
>
> Key: IGNITE-6168
> URL: https://issues.apache.org/jira/browse/IGNITE-6168
> Project: Ignite
> Issue Type: Wish
> Affects Versions: 2.1
> Reporter: Jens Borgland
>
> I'm working on an application where we use mutual TLS to protect the
> communication (of different kinds) between the components. It seems like
> Ignite uses mutual TLS for the TcpCommunicationSpi but not for the
> TcpDiscoverySpi. Would it be possible to add this ability (one way could
> perhaps be by implementing IGNITE-6167 so that it can be done through a
> custom socket factory)?
> I'm aware that there are other client authentication options for the
> discovery SPI but it would be nice to be able to use the same mechanism
> everywhere.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
