ignite-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dmitry Karachentsev (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (IGNITE-4147) SSL misconfiguration is not handled properly
Date Mon, 26 Dec 2016 07:25:58 GMT

    [ https://issues.apache.org/jira/browse/IGNITE-4147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15777772#comment-15777772

Dmitry Karachentsev commented on IGNITE-4147:

I'm just worrying if node unable to connect because another app is listening on that port,
and may be it is better not to fail immediately, but go on with next address from list.

In case that you suggested, discovery will fail fast with recommendation to check configuration.

But anyway, you're right and this is also not valid case.

> SSL misconfiguration is not handled properly
> --------------------------------------------
>                 Key: IGNITE-4147
>                 URL: https://issues.apache.org/jira/browse/IGNITE-4147
>             Project: Ignite
>          Issue Type: Bug
>          Components: general
>    Affects Versions: 1.7
>            Reporter: Valentin Kulichenko
>            Assignee: Dmitry Karachentsev
>             Fix For: 2.0
> Currently, if one tries to start a node with incorrect SSL configuration (i.e. node with
SSL disabled tries to connect to secured cluster or other way around), this new node does
not show any exceptions or warnings. Instead user may end up having two topologies - one secured
and another non-secured.
> This is counterintuitive. We should try to detect this and throw an exception in this
> Here are possible scenarios that we should consider:
> * Unsecured server tries to join secured cluster.
> * Secured server tries to join unsecured cluster.
> * Unsecured client tries to join secured cluster.
> * Secured client tries to join unsecured cluster.

This message was sent by Atlassian JIRA

View raw message