[ https://issues.apache.org/jira/browse/ACCUMULO-1009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13762354#comment-13762354 ]
Michael Berman commented on ACCUMULO-1009: ------------------------------------------ WRT JSSE config, I wouldn't feel great about making the JSSE system properties be the only way to configure the accumulo client's SSL settings. It's JVM global, and accumulo clients may well make connections to multiple services or provide their own SSL server. Especially since I'm imagining the most common deployment will involve private roots, it seems overly restrictive to require the accumulo SSL config to be identical to the SSL config used across the entire client app. However, I do think it makes sense to optionally tell accumulo to use the JSSE config. I'll add that option. I'm working on separating AccumuloConfiguration from ClientConfiguration now, but they will have to cross paths at some point in the codebase, since accumulo services need to be able to make thrift connections to other accumulo services, and they will ultimately get their config from AccumuloConfiguration. Do you think it would make sense to have AccumuloConfiguration.getClientConfig()? Then, if we're in a context that does have an AccumuloConfiguration, we can access common code for creating connections, while contexts like ZooKeeperInstance need not know anything about it. > Support encryption over the wire > -------------------------------- > > Key: ACCUMULO-1009 > URL: https://issues.apache.org/jira/browse/ACCUMULO-1009 > Project: Accumulo > Issue Type: New Feature > Reporter: Keith Turner > Assignee: Michael Berman > Fix For: 1.6.0 > > Attachments: ACCUMULO-1009_thriftSsl.patch > > > Need to support encryption between ACCUMULO clients and servers. Also need > to encrypt communications between server and servers. > Basically need to make it possible for users to enable SSL+thrift. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira