Darrel Schneider created GEODE-420:
--------------------------------------
Summary: locator ssl configuration
Key: GEODE-420
URL: https://issues.apache.org/jira/browse/GEODE-420
Project: Geode
Issue Type: New Feature
Components: core
Reporter: Darrel Schneider
We currently allow separate SSL configuration for cluster, server, gateway,
jmx-manager, and http-service.
The "server" attributes configure the ssl connections from clients to a cache
server.
The "gateway" attributes configure the ssl connections between a gateway sender
and receiver.
The "jmx-manager" attributes configure the ssl connections between an admin
client (for example gfsh) and the jmx-manager.
The "http-service" attributes configure the ssl connections between REST
clients and the http-service.
The "cluster" attributes configure the ssl connections between the members of a
distributed system (peer-to-peer connections) AND to the locators.
Using "cluster" for the connections to a locator can be a problem.
Say you trust all your members of a distributed system since they are running
on your private network. So no need for ssl on the p2p connections.
So you disable cluster-ssl. These means that your peers are locators are all
using unsecure connections.
But some of these members are hosting a cache server and have clients
connecting to them. So you configure "server" ssl for the client to server
connections. But for your clients to find you servers they need to talk to the
locator. Since the clients are coming from the outside world you want them to
use SSL. So you configure "server" ssl on them for when they connect to the
cache server and "cluster" SSL on them for when they connect to the locator.
But your locators are configured with "cluster" SSL disabled so that the p2p
connects on the internal network will not be SSL.
So you are either forced to have you client to locator connections to be
unsecure or you need to secure all the cluster connections forcing the peers to
also use SSL.
I think we should introduce "locator" SSL configuration options that would
allow you to have just the locator and server using SSL and the "cluster" to
have SSL disabled.
Something else to consider would be for the locator to be able to use SSL for
clients but non-SSL for locator-to-locator and peers-to-locator connections. I
think this would be more complicated because we would need to have different
ports that the locator listens on (one for clients and one for locators and
members).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
