Cassandra / CASSANDRA-16719

Allow for transitioning from using one SSLContextFactory implementation to another

Details

    • New Feature
    • Status: Open
    • Normal
    • Resolution: Unresolved
    • 5.x
    • Messaging/Internode
    • None
    • Operability
    • Normal
    • All
    • None

    Description

      With CASSANDRA-16666 providing pluggable SSLContext, this ticket is to provide mechanics for being able to transparently transition from using one SSLContext implementation to another.

      As indicated in https://issues.apache.org/jira/browse/CASSANDRA-16666?focusedCommentId=17358655&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-17358655,
      one could do the following on their cluster to move from, say, Implementation1 to Implementation2:
      Stage #1: Current state of being only Implementation1 aware. Use the keystore and trustmanager of Implementation1.
      Stage #2: Start trusting both Implementation1 and Implementation2. Use the keystore of Implementation1, but use the trustmanagers of both Implementation1 and Implementation2 (using MultiTrustManagerFactory), and perform a rolling restart of the cluster.
      Stage #3: Start using Implementation2 for the keystore, and perform a rolling restart of the cluster.
      Stage #4: At this point, all nodes of the cluster are using Implementation2 for the keystore but trust both Implementation1 and Implementation2. We can now remove Implementation1 from the trustmanagers and do a rolling restart.
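
An added example, not part of the ticket or of the Cassandra code base: a small Python model of the four stages that checks every intermediate state of each rolling restart for node pairs that could no longer complete a handshake. It assumes internode connections authenticate both sides; the stage table, the function names and the three-node cluster are illustrative.

```python
from itertools import combinations

# Constructed model, not Cassandra code: per stage, the identity a node presents
# (its keystore) and the issuers it accepts (its trust managers).
STAGES = {
    1: ("impl1", frozenset({"impl1"})),
    2: ("impl1", frozenset({"impl1", "impl2"})),   # both trusted
    3: ("impl2", frozenset({"impl1", "impl2"})),   # keystore switched
    4: ("impl2", frozenset({"impl2"})),            # impl1 trust removed
}

def can_handshake(a, b):
    """Assumes mutual authentication: each side must trust what the other presents."""
    (a_id, a_trust), (b_id, b_trust) = a, b
    return a_id in b_trust and b_id in a_trust

def rolling_restart(cluster, target):
    """Move nodes to `target` one at a time; collect (restarted_count, i, j) failures."""
    cluster, broken = list(cluster), []
    for n in range(len(cluster)):
        cluster[n] = target
        broken += [(n + 1, i, j)
                   for i, j in combinations(range(len(cluster)), 2)
                   if not can_handshake(cluster[i], cluster[j])]
    return cluster, broken

def run_plan(stage_order, nodes=3):
    """Return {(from_stage, to_stage): failures seen during that rolling restart}."""
    cluster = [STAGES[stage_order[0]]] * nodes
    report = {}
    for prev, nxt in zip(stage_order, stage_order[1:]):
        cluster, broken = rolling_restart(cluster, STAGES[nxt])
        report[(prev, nxt)] = broken
    return report

if __name__ == "__main__":
    for plan in ([1, 2, 3, 4], [1, 3, 4], [1, 2, 4]):
        for hop, broken in run_plan(plan).items():
            print(plan, hop, "ok" if not broken else f"{len(broken)} broken pair-states")
```

In this model the ticket's order keeps every pair connected throughout, while a plan that skips Stage #2 or Stage #3 leaves mixed pairs unable to handshake partway through the restart.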

            People

              sumanth.pasupuleti Sumanth Pasupuleti