[
https://issues.apache.org/jira/browse/IGNITE-6167?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16581176#comment-16581176
]
Vladimir Ozerov commented on IGNITE-6167:
-----------------------------------------
[~ilyak], [~mcherkasov], several comments:
1) Test class is not added to any test suite
2) Please add positive and negative tests fpr Java thin client and JDBC thin
driver; we need to ensure that error messages are correct
3) Add tests where discovery is not limited by concrete ciphers, while
communication SPI does. Main goal - ensure that there are no hangs in negative
cases.
> Ability to enabled TLS protocols and cipher suites
> --------------------------------------------------
>
> Key: IGNITE-6167
> URL: https://issues.apache.org/jira/browse/IGNITE-6167
> Project: Ignite
> Issue Type: Wish
> Components: security
> Affects Versions: 2.1
> Reporter: Jens Borgland
> Assignee: Mikhail Cherkasov
> Priority: Major
>
> It would be very useful to be able to, in addition to the
> {{javax.net.ssl.SSLContext}}, either specify a custom
> {{javax.net.ssl.SSLServerSocketFactory}} and a custom
> {{javax.net.ssl.SSLSocketFactory}}, or to be able to at least specify the
> enabled TLS protocols and cipher suites.
> I have noticed that the
> {{org.apache.ignite.internal.util.nio.ssl.GridNioSslFilter}} has support for
> the latter but I cannot find a way of getting a reference to the filter
> instance. The {{GridNioSslFilter}} also isn't used by {{TcpDiscoverySpi}} as
> far as I can tell.
> Currently (as far as I can tell) there is no way of specifying the enabled
> cipher suites and protocols used by Ignite, without doing it globally for the
> JRE.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
