[GEODE-9542] Enable SSL Client Certificate Authorization for Redis - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.15.0
Component/s: redis
Labels:
- pull-request-available
- redis

Description

When the ssl-require-authentication Geode property is set to true, we should validate the Redis client's certificate against the configured ssl-truststore to ensure that the client certificate is issued by a trusted Certificate Authority.

Acceptance Criteria

Client certificates issued by trusted Certificate Authorities are properly authenticated. Client certificates issued by non-trusted Certificate Authorities are not authenticated. When the Geode property ssl-require-authentication is set to false, no client certificate authentication is performed.

Appropriate tests are developed to ensure this feature works as expected and does not regress.

Attachments

Issue Links

links to

GitHub Pull Request #6826

Activity

People

Assignee:: Jens Deppe

Reporter:: Wayne

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 24/Aug/21 20:33

Updated:: 22/Jun/22 20:45

Resolved:: 14/Sep/21 15:45