zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ZOOKEEPER-236) SSL Support for Atomic Broadcast protocol
Date Fri, 14 Apr 2017 17:11:41 GMT

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-236?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15969267#comment-15969267

ASF GitHub Bot commented on ZOOKEEPER-236:

Github user afine commented on a diff in the pull request:

    --- Diff: src/java/main/org/apache/zookeeper/common/X509Util.java ---
    @@ -150,7 +196,7 @@ public static X509KeyManager createKeyManager(String keyStoreLocation,
String ke
                 KeyStore ks = KeyStore.getInstance("JKS");
                 inputStream = new FileInputStream(keyStoreFile);
                 ks.load(inputStream, keyStorePasswordChars);
    -            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
    +            KeyManagerFactory kmf = KeyManagerFactory.getInstance("PKIX");
    --- End diff --
    A comment has been added where pkix is used for the trustmanager factory. We don't actually
need this change for the keymanager, but i preferred to be consistent.

> SSL Support for Atomic Broadcast protocol
> -----------------------------------------
>                 Key: ZOOKEEPER-236
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-236
>             Project: ZooKeeper
>          Issue Type: New Feature
>          Components: quorum, server
>            Reporter: Benjamin Reed
>            Assignee: Abraham Fine
>            Priority: Minor
> We should have the ability to use SSL to authenticate and encrypt the traffic between
ZooKeeper servers. For the most part this is a very easy change. We would probably only want
to support this for TCP based leader elections.

This message was sent by Atlassian JIRA

View raw message