Re: SSL configuration - default behaviour

[Piotr Nowojski]

Hi Krzysztof,

Thanks for the suggestion. It was kind of implied in the first sentence on the 
page already, but I’m fixing it [1] to make it more clear. 

Piotrek

[1] https://github.com/apache/flink/pull/11083 


> On 11 Feb 2020, at 08:22, Krzysztof Chmielewski 
>  wrote:
> 
> Thanks Robert,
> just a small suggestion maybe to change the documentation a little bit.
> 
> I'm not sure if its only my impression but from sentence: 
> " All internal connections are SSL authenticated and encrypted" initially I 
> thought that this is the default configuration.
> 
> Thanks,
> Krzysztof
> 
> pon., 10 lut 2020 o 15:12 Robert Metzger  > napisał(a):
> Hi,
> 
> thanks a lot for your message. By default, internal connections are not 
> encrypted.
> 
> On Fri, Feb 7, 2020 at 4:08 PM KristoffSC  > wrote:
> Hi,
> In documentation [1] we can read that
> 
> All internal connections are SSL authenticated and encrypted. The
> connections use mutual authentication, meaning both server and client side
> of each connection need to present the certificate to each other. The
> certificate acts effectively as a shared secret.
> 
> But is this a default behavior? Are internal connections encrypted by
> default?
> 
> [1]
> https://ci.apache.org/projects/flink/flink-docs-stable/ops/security-ssl.html 
> 
> 
> 
> 
> --
> Sent from: 
> http://apache-flink-user-mailing-list-archive.2336050.n4.nabble.com/ 
> 

Re: SSL configuration - default behaviour

[Krzysztof Chmielewski]

Thanks Robert,
just a small suggestion maybe to change the documentation a little bit.

I'm not sure if its only my impression but from sentence:
*" All internal connections are SSL authenticated and encrypted"* initially
I thought that this is the default configuration.

Thanks,
Krzysztof

pon., 10 lut 2020 o 15:12 Robert Metzger  napisał(a):

> Hi,
>
> thanks a lot for your message. By default, internal connections are not
> encrypted.
>
> On Fri, Feb 7, 2020 at 4:08 PM KristoffSC 
> wrote:
>
>> Hi,
>> In documentation [1] we can read that
>>
>> All internal connections are SSL authenticated and encrypted. The
>> connections use mutual authentication, meaning both server and client side
>> of each connection need to present the certificate to each other. The
>> certificate acts effectively as a shared secret.
>>
>> But is this a default behavior? Are internal connections encrypted by
>> default?
>>
>> [1]
>>
>> https://ci.apache.org/projects/flink/flink-docs-stable/ops/security-ssl.html
>>
>>
>>
>> --
>> Sent from:
>> http://apache-flink-user-mailing-list-archive.2336050.n4.nabble.com/
>>
>

Re: SSL configuration - default behaviour

[Robert Metzger]

Hi,

thanks a lot for your message. By default, internal connections are not
encrypted.

On Fri, Feb 7, 2020 at 4:08 PM KristoffSC 
wrote:

> Hi,
> In documentation [1] we can read that
>
> All internal connections are SSL authenticated and encrypted. The
> connections use mutual authentication, meaning both server and client side
> of each connection need to present the certificate to each other. The
> certificate acts effectively as a shared secret.
>
> But is this a default behavior? Are internal connections encrypted by
> default?
>
> [1]
>
> https://ci.apache.org/projects/flink/flink-docs-stable/ops/security-ssl.html
>
>
>
> --
> Sent from:
> http://apache-flink-user-mailing-list-archive.2336050.n4.nabble.com/
>

SSL configuration - default behaviour

[KristoffSC]

Hi,
In documentation [1] we can read that

All internal connections are SSL authenticated and encrypted. The
connections use mutual authentication, meaning both server and client side
of each connection need to present the certificate to each other. The
certificate acts effectively as a shared secret.

But is this a default behavior? Are internal connections encrypted by
default?

[1]
https://ci.apache.org/projects/flink/flink-docs-stable/ops/security-ssl.html



--
Sent from: http://apache-flink-user-mailing-list-archive.2336050.n4.nabble.com/