brooklyn-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From drigod...@apache.org
Subject [1/2] brooklyn-docs git commit: Winrm connectivity limitations
Date Thu, 19 Jan 2017 13:20:46 GMT
Repository: brooklyn-docs
Updated Branches:
  refs/heads/master d2e6a6780 -> 3a1258ec7


Winrm connectivity limitations


Project: http://git-wip-us.apache.org/repos/asf/brooklyn-docs/repo
Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-docs/commit/55d21a50
Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-docs/tree/55d21a50
Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-docs/diff/55d21a50

Branch: refs/heads/master
Commit: 55d21a509d8fc521867fc4226d8153424c879813
Parents: d2e6a67
Author: Valentin Aitken <bostko@gmail.com>
Authored: Sun Dec 4 22:49:04 2016 +0200
Committer: Valentin Aitken <bostko@gmail.com>
Committed: Thu Jan 19 15:11:02 2017 +0200

----------------------------------------------------------------------
 guide/yaml/winrm/index.md | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/brooklyn-docs/blob/55d21a50/guide/yaml/winrm/index.md
----------------------------------------------------------------------
diff --git a/guide/yaml/winrm/index.md b/guide/yaml/winrm/index.md
index 23ebb32..168dded 100644
--- a/guide/yaml/winrm/index.md
+++ b/guide/yaml/winrm/index.md
@@ -513,13 +513,15 @@ Additional logs may be created by some Windows programs. For example,
MSSQL crea
 Known Limitations
 -----------------
 
-### Use of Unencrypted HTTP
+WinRM 2.0 supports encryption mechanisms on top of HTTP. However those are not supported
in Apache Brooklyn.
+For production adoptions please make sure you follow Microsoft Guidelines https://msdn.microsoft.com/en-us/library/ee309366(v=vs.85).aspx
 
-Brooklyn is currently using unencrypted HTTP for WinRM communication. This means that the
login credentials will be
-transmitted in clear text.
+### Apache Brooklyn limitations on using WinRM over HTTP and HTTPS
 
-In future we aim to improve Brooklyn to support HTTPS. However this requires adding support
to the underlying 
-WinRM library, and also involves certificate creation and verification.
+By default Apache Brooklyn is currently using unencrypted HTTP for WinRM communication. It
does not support encrypted HTTP for WinRM.
+
+HTTPS is supported but there is no mechanism of specifying which certificates to trust.
+Currently Apache Brooklyn will accept any certificate used in a HTTPS WinRM connection.
 
 ### Incorrect Exit Codes
 


Mime
View raw message