ignite-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ilya Kasnacheev (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (IGNITE-6167) Ability to set custom SSLServerSocketFactory and SSLSocketFactory or enabled TLS protocols and cipher suites
Date Wed, 23 Aug 2017 12:01:00 GMT

    [ https://issues.apache.org/jira/browse/IGNITE-6167?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16138259#comment-16138259
] 

Ilya Kasnacheev commented on IGNITE-6167:
-----------------------------------------

[~jens.borgland] You can create your own subclass of SslContextFactory, overriding create(),
which will return your own SSLContext, overriding getSocketFactory() and getServerSocketFactory()
and returning custom socket factories. Anything obvious I am missing? Seems doable. Of course
the usability of that solution is suboptimal.

> Ability to set custom SSLServerSocketFactory and SSLSocketFactory or enabled TLS protocols
and cipher suites
> ------------------------------------------------------------------------------------------------------------
>
>                 Key: IGNITE-6167
>                 URL: https://issues.apache.org/jira/browse/IGNITE-6167
>             Project: Ignite
>          Issue Type: Wish
>    Affects Versions: 2.1
>            Reporter: Jens Borgland
>
> It would be very useful to be able to, in addition to the {{javax.net.ssl.SSLContext}},
either specify a custom {{javax.net.ssl.SSLServerSocketFactory}} and a custom {{javax.net.ssl.SSLSocketFactory}},
or to be able to at least specify the enabled TLS protocols and cipher suites.
> I have noticed that the {{org.apache.ignite.internal.util.nio.ssl.GridNioSslFilter}}
has support for the latter but I cannot find a way of getting a reference to the filter instance.
The {{GridNioSslFilter}} also isn't used by {{TcpDiscoverySpi}} as far as I can tell.
> Currently (as far as I can tell) there is no way of specifying the enabled cipher suites
and protocols used by Ignite, without doing it globally for the JRE.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message