[ https://issues.apache.org/jira/browse/ACCUMULO-1009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13790850#comment-13790850 ]
Christopher Tubbs commented on ACCUMULO-1009: --------------------------------------------- keytool-maven-plugin supports key generation prior to jdk 1.7. You just have to stick with the same keystore for both keystore and truststore for testing, until 1.7, when you can do CSRs. openssl can still do certificate generation with the exec plugin, regardless of the jdk version. However, I don't see an issue with a test scope solution, because we're not encouraging users to rely on Accumulo to generate certs, and we're not shipping the extra dependencies. As for the ZK breakage, I think it would have been nice to fall back to JSSE options configured in system properties rather than config. But if that fallback can't be tested due to the breakage of ZK, don't bother. We can add that when we can test it. It's sufficient to rely only on the context-prefixed JSSE properties carried in the configuration files. > Support encryption over the wire > -------------------------------- > > Key: ACCUMULO-1009 > URL: https://issues.apache.org/jira/browse/ACCUMULO-1009 > Project: Accumulo > Issue Type: New Feature > Reporter: Keith Turner > Assignee: Michael Berman > Fix For: 1.6.0 > > Attachments: ACCUMULO-1009_thriftSsl-2013-10-4.patch, > ACCUMULO-1009_thriftSsl.patch > > > Need to support encryption between ACCUMULO clients and servers. Also need > to encrypt communications between server and servers. > Basically need to make it possible for users to enable SSL+thrift. -- This message was sent by Atlassian JIRA (v6.1#6144)