cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tyler Hobbs (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-9544) Allow specification of TLS protocol to use for cqlsh
Date Tue, 07 Jul 2015 17:17:04 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-9544?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14617012#comment-14617012
] 

Tyler Hobbs commented on CASSANDRA-9544:
----------------------------------------

I like adding the ability to configure the ssl protocol version, but I think keeping TLSv1
as the default is the best option.  It's the Cassandra default, it has always been the cqlsh
default, and it should be the most secure choice.

I've created a [branch with the changes|https://github.com/thobbs/cassandra/tree/CASSANDRA-9544].

Pending CI test runs:
* [2.1 dtest|http://cassci.datastax.com/view/Dev/view/thobbs/job/thobbs-CASSANDRA-9544-dtest/]
* [2.2 testall|http://cassci.datastax.com/view/Dev/view/thobbs/job/thobbs-CASSANDRA-9544-testall/]

> Allow specification of TLS protocol to use for cqlsh
> ----------------------------------------------------
>
>                 Key: CASSANDRA-9544
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-9544
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Tools
>            Reporter: Jesse Szwedko
>              Labels: cqlsh, tls
>
> Currently when using {{cqlsh}} with {{--ssl}} it tries to use TLS 1.0 to connect. I have
my server only serving TLS 1.2 which means that I cannot connect.
> It would be nice if {{cqlsh}} allowed the TLS protocol it uses to connect to be configured.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message