ignite-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ARomantsov (JIRA)" <j...@apache.org>
Subject [jira] [Created] (IGNITE-10911) Need to enforce truststore key when control utility connect to cluster with SSL enabled
Date Sun, 13 Jan 2019 11:58:00 GMT
ARomantsov created IGNITE-10911:
-----------------------------------

             Summary: Need to enforce truststore key when control utility connect to cluster
with SSL enabled
                 Key: IGNITE-10911
                 URL: https://issues.apache.org/jira/browse/IGNITE-10911
             Project: Ignite
          Issue Type: Bug
    Affects Versions: 2.5
            Reporter: ARomantsov
             Fix For: 2.8


I use the next setting in my app
{code:java}
        <property name="clientConnectorConfiguration">
            <bean class="org.apache.ignite.configuration.ClientConnectorConfiguration">
                <property name="sslEnabled" value="true"/>
                <property name="sslClientAuth" value="true"/>
                <property name="sslContextFactory">
                    <bean class="org.apache.ignite.ssl.SslContextFactory">
                        <property name="keyStoreFilePath" value="${TEST_DIR}/server.jks"/>
                        <property name="keyStorePassword" value="*"/>
                        <property name="trustStoreFilePath" value="${TEST_DIR}/trust.jks"/>
                        <property name="trustStorePassword" value="*"/>
                    </bean>
                </property>
            </bean>
        </property>

        <property name="sslContextFactory">
            <bean class="org.apache.ignite.ssl.SslContextFactory">
                <property name="keyStoreFilePath" value="${TEST_DIR}/server.jks"/>
                <property name="keyStorePassword" value="*"/>
                <property name="trustStoreFilePath" value="${TEST_DIR}/trust.jks"/>
                <property name="trustStorePassword" value="*"/>
            </bean>
        </property>

        <!-- Enable SSL for external connect  -->
        <property name="connectorConfiguration">
            <bean class="org.apache.ignite.configuration.ConnectorConfiguration">
                <property name="sslEnabled" value="true"/>
                <property name="sslClientAuth" value="true"/>
            </bean>
        </property>

{code}

And can get the result of command - control.bat --baseline --keystore..\server.jks --keystore-password
* without set up truststore




--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message