accumulo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Josh Elser <josh.el...@gmail.com>
Subject Blog entry about creating certificates for SSL
Date Thu, 14 Aug 2014 04:27:30 GMT
Hi all,

I authored a blog post after digging into how to use openssl and keytool 
(after some help from Billie and Michael Berman) to generate the proper 
certificates stored in Java KeyStores, for Accumulo to configure the 
Thrift servers to run over SSL. At a high level, the steps create a 
certificate authority, and then use that to generate certs for 
clients/servers, and then load them into Java KeyStores for consumption.

I just finished this up, so I'm not too worried about grammar at this 
point, but I am very concerned about advertising something that is 
inherently insecure. Any information about where I'm doing something 
"bad", and what should be done instead, would be *greatly* appreciated.

For those with a blogs/roller account, check out[1], and for everyone 
else, use [2].

Thanks everyone!

- Josh

[1] 
https://blogs.apache.org/roller-ui/authoring/preview/accumulo/?previewEntry=generating_keystores_for_configuring_accumulo
[2] http://people.apache.org/~elserj/ssl-blog.html

Mime
View raw message