[
https://issues.apache.org/jira/browse/ACCUMULO-1009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13790850#comment-13790850
]
Christopher Tubbs commented on ACCUMULO-1009:
---------------------------------------------
keytool-maven-plugin supports key generation prior to jdk 1.7. You just have to
stick with the same keystore for both keystore and truststore for testing,
until 1.7, when you can do CSRs. openssl can still do certificate generation
with the exec plugin, regardless of the jdk version.
However, I don't see an issue with a test scope solution, because we're not
encouraging users to rely on Accumulo to generate certs, and we're not shipping
the extra dependencies.
As for the ZK breakage, I think it would have been nice to fall back to JSSE
options configured in system properties rather than config. But if that
fallback can't be tested due to the breakage of ZK, don't bother. We can add
that when we can test it. It's sufficient to rely only on the context-prefixed
JSSE properties carried in the configuration files.
> Support encryption over the wire
> --------------------------------
>
> Key: ACCUMULO-1009
> URL: https://issues.apache.org/jira/browse/ACCUMULO-1009
> Project: Accumulo
> Issue Type: New Feature
> Reporter: Keith Turner
> Assignee: Michael Berman
> Fix For: 1.6.0
>
> Attachments: ACCUMULO-1009_thriftSsl-2013-10-4.patch,
> ACCUMULO-1009_thriftSsl.patch
>
>
> Need to support encryption between ACCUMULO clients and servers. Also need
> to encrypt communications between server and servers.
> Basically need to make it possible for users to enable SSL+thrift.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
