[ https://issues.apache.org/jira/browse/ZOOKEEPER-3482?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16898268#comment-16898268 ]
Jörn Franke commented on ZOOKEEPER-3482: ---------------------------------------- Please note that some ZooKeeper Clients, e.g. Solr, do not seem to support X509 Authentication+ACLs, but only Digest and SASL (Kerberos). > SASL (Kerberos) Authentication with SSL for clients and Quorum > -------------------------------------------------------------- > > Key: ZOOKEEPER-3482 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3482 > Project: ZooKeeper > Issue Type: Bug > Components: server > Affects Versions: 3.5.5 > Reporter: Jörn Franke > Priority: Major > > It seems that Kerberos authentication does not work for encrypted connections > of clients and quorum. It seems that only X509 Authentication works. > What I would have expected: > ClientSecurePort is defined > A keystore and truststore are deployed on the ZooKeeper servers > Only a truststore is deployed with the client (to validate the CA of the > server certificate) > Client can authenticate with SASL (Kerberos) > Similarly for the Quorum SSL connection. > Is there a way to configure this in ZooKeeeper? -- This message was sent by Atlassian JIRA (v7.6.14#76016)