Description
It would be very useful to be able to, in addition to the javax.net.ssl.SSLContext, either specify a custom javax.net.ssl.SSLServerSocketFactory and a custom javax.net.ssl.SSLSocketFactory, or to be able to at least specify the enabled TLS protocols and cipher suites.
I have noticed that the org.apache.ignite.internal.util.nio.ssl.GridNioSslFilter has support for the latter but I cannot find a way of getting a reference to the filter instance. The GridNioSslFilter also isn't used by TcpDiscoverySpi as far as I can tell.
Currently (as far as I can tell) there is no way of specifying the enabled cipher suites and protocols used by Ignite, without doing it globally for the JRE.
Attachments
Issue Links
- causes
-
IGNITE-11077 Add information about SSL cipher suites to apacheignite.readme.io
- Open
- is related to
-
IGNITE-9329 Positive and negative tests for SSL ciphers and protocols
- Open
- relates to
-
IGNITE-7997 Ability to use different SSL trust store password and private key password
- Open
- links to