geode-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hitesh Khamesra (JIRA)" <j...@apache.org>
Subject [jira] [Closed] (GEODE-1294) Overriding cluster-ssl properties does not work for http-service-ssl
Date Sat, 11 Feb 2017 00:29:41 GMT

     [ https://issues.apache.org/jira/browse/GEODE-1294?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Hitesh Khamesra closed GEODE-1294.
----------------------------------

> Overriding cluster-ssl properties does not work for http-service-ssl
> --------------------------------------------------------------------
>
>                 Key: GEODE-1294
>                 URL: https://issues.apache.org/jira/browse/GEODE-1294
>             Project: Geode
>          Issue Type: Bug
>          Components: client/server, configuration, security
>            Reporter: Jens Deppe
>            Assignee: Udo Kohlmeyer
>             Fix For: 1.1.0
>
>
> when {{cluster-ssl-require-authentication=true}} the following properties are set:
> {noformat}
> cluster-ssl-require-authentication=true
> gateway-ssl-require-authentication=true
> http-service-ssl-require-authentication=true
> jmx-manager-ssl-require-authentication=true
> server-ssl-require-authentication=true
> {noformat}
> When that property is not set (i.e. just defaulted) and {{cluster-ssl-enabled=true}}
then only {{http-service-ssl-require-authentication=false}} is set and all the other {{require-authentication}}
properties are {{true}}. With these settings, we require mutual auth for all connections except
Pulse and gfsh over http.
> However, if I set the following which should really be mimicking the default settings
for {{cluster-ssl-enabled=true}}:
> {noformat}
> cluster-ssl-require-authentication=true
> http-service-ssl-require-authentication=false
> {noformat}
> Then I am unable to access Pulse as it still appears to require mutual auth.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message