Thanks. Solr uses Zk 3.4.x with no support for TLS. Zk communication is over
low level binary TCP. I’m aware that if/when we get 3.5.x support we should
deploy SSL.
My question is, how do folks secure their current zk and is there a way to
circumvent the lack of SSL? I don’t care if people can
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jan,
On 9/16/18 16:22, Jan Høydahl wrote:
> We plan to enable (digest) authentication and ACL with Zookeeper to
> improve security.
Can you be more explicit? There is HTTP DIGEST auth and then there are
"digested" (hashed) passwords for the
Hi,
We plan to enable (digest) authentication and ACL with Zookeeper to improve
security.
However, we have not been able to answer the question of how secure such a
setup will be,
given that ZK 3.4.x TCP communication is unencrypted.
So, do anyone know if ZK sends the password in cleartext