Hi,
I referred to the Ignite docs on TLS:
https://apacheignite.readme.io/docs/ssltls.
I have the below set in my config XML file for TLS:
<property name="sslContextFactory">
    <bean class="org.apache.ignite.ssl.SslContextFactory">
        <property name="keyStoreFilePath"
                  value="ignite/apache-ignite-fabric-1.9.0-bin/keystore/e1.signing.com.jks"/>
        <property name="keyStorePassword" value="1234"/>
        <property name="trustStoreFilePath"
                  value="ignite/apache-ignite-fabric-1.9.0-bin/keystore/TrustStore.jks"/>
        <property name="trustStorePassword" value="1234"/>
        <property name="Protocol" value="TLS"></property>
    </bean>
</property>
and the below for Discovery:
<property name="discoverySpi">
    <bean class="org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi">
        <property name="localPort" value="49500"/>
        <property name="localPortRange" value="20"/>
        <property name="ipFinder">
            <bean class="org.apache.ignite.spi.discovery.tcp.ipfinder.vm.TcpDiscoveryVmIpFinder">
                <property name="addresses">
                    <list>
                        <value>10.17.XX.XXX:49500..49520</value>
                        <value>10.17.XX.XXX:49500..49520</value>
                    </list>
                </property>
            </bean>
        </property>
    </bean>
</property>
<property name="communicationSpi">
    <bean class="org.apache.ignite.spi.communication.tcp.TcpCommunicationSpi">
        <property name="localPort" value="48100"/>
    </bean>
</property>
However, when I start my nodes, they don't discover one another.
Node1-
[16:18:24] Topology snapshot [ver=1, servers=1, clients=0, CPUs=8, heap=1.0GB]
[16:18:29] Failed to initialize connection (missing SSL configuration on remote node?) [rmtAddr=/10.17.XX.XXX]
Node2-
[16:18:30] Topology snapshot [ver=1, servers=1, clients=0, CPUs=8, heap=1.0GB]
I have checked both my keystore and truststore and they are fine. Also, they
are not self-signed certificates.
But it works with disabled trust managers.
Is there anything I am missing in setting up TLS communication here?
--
View this message in context:
http://apache-ignite-users.70518.x6.nabble.com/Ignite-TLS-with-TrustStore-tp12362.html
Sent from the Apache Ignite Users mailing list archive at Nabble.com.
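
One way to test the trust relationship the post describes, outside of Ignite: the following is an added example, not code from the original post or from the Ignite project. It checks whether the certificate chain a node would present from its keystore validates against the trust store the other node loads. The class name TrustCheck and the command-line arguments are assumptions; both stores are assumed to be JKS files as in the configuration above.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.*;
import java.util.Arrays;
import java.util.Collections;

// Hypothetical helper, not part of Ignite. Usage:
//   java TrustCheck <peer-keystore.jks> <keystore-pass> <local-truststore.jks> <truststore-pass>
public class TrustCheck {
    static KeyStore load(String path, String pass) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, pass.toCharArray());
        }
        return ks;
    }

    public static void main(String[] args) throws Exception {
        KeyStore keys = load(args[0], args[1]);   // what the remote node presents
        KeyStore trust = load(args[2], args[3]);  // what the local node trusts

        // Throws InvalidAlgorithmParameterException if the trust store has no trusted certificate entries.
        PKIXParameters params = new PKIXParameters(trust);
        params.setRevocationEnabled(false);       // chain and validity dates only, no CRL/OCSP lookups
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        CertPathValidator validator = CertPathValidator.getInstance("PKIX");

        for (String alias : Collections.list(keys.aliases())) {
            if (!keys.isKeyEntry(alias)) continue;             // only private-key entries are presented
            Certificate[] chain = keys.getCertificateChain(alias);
            if (chain == null || chain.length == 0) continue;
            System.out.println(alias + ": " + chain.length + " certificate(s) in chain");
            for (Certificate c : chain) {
                X509Certificate x = (X509Certificate) c;
                System.out.println("  subject=" + x.getSubjectX500Principal()
                        + " issuer=" + x.getIssuerX500Principal() + " notAfter=" + x.getNotAfter());
            }
            if (trust.getCertificateAlias(chain[0]) != null) { // leaf pinned directly in the trust store
                System.out.println("  TRUSTED: leaf certificate is itself an entry in the trust store");
                continue;
            }
            try {
                validator.validate(cf.generateCertPath(Arrays.asList(chain)), params);
                System.out.println("  TRUSTED: chain validates to a CA in the trust store");
            } catch (CertPathValidatorException e) {
                System.out.println("  NOT TRUSTED: " + e.getMessage() + " (certificate index " + e.getIndex() + ")");
            }
        }
    }
}
```

Run it once per direction, pairing each node's keystore with the other node's trust store. The printed chain length and issuer names show whether the key entry carries its intermediate certificates or only the leaf.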