Cassandra
  1. Cassandra
  2. CASSANDRA-1567

Provide configurable encryption support for internode communication

    Details

    • Type: New Feature New Feature
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Fix Version/s: 0.8 beta 1
    • Component/s: Core
    • Labels:
      None

      Description

      Provide the option to encrypt internode communication. The initial thought is to use JSSE (http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html) to wrap the existing ServerSocket & Sockets. This will only be an optional configuration and not enabled by default. The defaults would be TLS V1, RSA 1024-bit keys for handshake and SSL_RSA_WITH_RC4_128_MD5 as the cipher suite. Although this can be made configurable if the need arises.

      1. 0003-Default-Key-and-Certificate-for-internode-SSL.patch
        4 kB
        Nirmal Ranganathan
      2. 0002-Configurable-internode-encryption-option.patch
        24 kB
        Nirmal Ranganathan
      3. 0003-Default-Key-and-Certificate-for-internode-SSL-V2.patch
        4 kB
        Nirmal Ranganathan
      4. 0002-Configurable-internode-encryption-option-V2.patch
        30 kB
        Nirmal Ranganathan
      5. 0004-setReuseAddress-before-bind-and-docs.patch
        4 kB
        Gary Dusbabek
      6. 1567-v3.patch
        33 kB
        Nirmal Ranganathan
      7. 1567-v4.patch
        31 kB
        Nirmal Ranganathan

        Activity

        Gavin made changes -
        Workflow patch-available, re-open possible [ 12752457 ] reopen-resolved, no closed status, patch-avail, testing [ 12755367 ]
        Gavin made changes -
        Workflow no-reopen-closed, patch-avail [ 12522038 ] patch-available, re-open possible [ 12752457 ]
        Gary Dusbabek made changes -
        Status Patch Available [ 10002 ] Resolved [ 5 ]
        Resolution Fixed [ 1 ]
        Gary Dusbabek made changes -
        Fix Version/s 0.8 [ 12314820 ]
        Fix Version/s 0.7.1 [ 12315199 ]
        Nirmal Ranganathan made changes -
        Attachment 1567-v4.patch [ 12468759 ]
        Nirmal Ranganathan made changes -
        Attachment 1567-v3.patch [ 12468147 ]
        Gary Dusbabek made changes -
        Nirmal Ranganathan made changes -
        Nirmal Ranganathan made changes -
        Attachment 0002-Configurable-internode-encryption-option-V2.patch [ 12468048 ]
        Jonathan Ellis made changes -
        Assignee Pavel Yaskevich [ xedin ] Nirmal Ranganathan [ rnirmal ]
        Nirmal Ranganathan made changes -
        Status Open [ 1 ] Patch Available [ 10002 ]
        Nirmal Ranganathan made changes -
        Attachment 0002-Configurable-internode-encryption-option-V2.patch [ 12468048 ]
        Attachment 0003-Default-Key-and-Certificate-for-internode-SSL-V2.patch [ 12468049 ]
        Jonathan Ellis made changes -
        Assignee Nirmal Ranganathan [ rnirmal ] Pavel Yaskevich [ xedin ]
        Jonathan Ellis made changes -
        Comment [ bumping to 0.8 for dependency on THRIFT-106 which is in (will be in?) Thrift 0.6 ]
        Jonathan Ellis made changes -
        Fix Version/s 0.7.1 [ 12315199 ]
        Fix Version/s 0.8 [ 12314820 ]
        Jonathan Ellis made changes -
        Fix Version/s 0.8 [ 12314820 ]
        Fix Version/s 0.7.1 [ 12315199 ]
        Stu Hood made changes -
        Assignee Stu Hood [ stuhood ] Nirmal Ranganathan [ rnirmal ]
        Stu Hood made changes -
        Assignee Nirmal Ranganathan [ rnirmal ] Stu Hood [ stuhood ]
        Nirmal Ranganathan made changes -
        Nirmal Ranganathan made changes -
        Attachment 0002-Configurable-internode-encryption-option.patch [ 12456403 ]
        Nirmal Ranganathan made changes -
        Attachment 0001-Adding-SSL-versions-for-streaming-classes.patch [ 12456402 ]
        Stu Hood made changes -
        Reviewer stuhood
        Nirmal Ranganathan made changes -
        Field Original Value New Value
        Attachment 0001-Adding-SSL-versions-for-streaming-classes.patch [ 12456402 ]
        Attachment 0002-Configurable-internode-encryption-option.patch [ 12456403 ]
        Attachment 0003-Default-Key-and-Certificate-for-internode-SSL.patch [ 12456404 ]
        Nirmal Ranganathan created issue -

          People

          • Assignee:
            Nirmal Ranganathan
            Reporter:
            Nirmal Ranganathan
            Reviewer:
            Stu Hood
          • Votes:
            1 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development