Uploaded image for project: 'Ignite'
  1. Ignite
  2. IGNITE-6167

Ability to enabled TLS protocols and cipher suites

    Details

    • Type: Wish
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.1
    • Fix Version/s: 2.7
    • Component/s: security
    • Labels:
      None
    • Ignite Flags:
      Docs Required

      Description

      It would be very useful to be able to, in addition to the javax.net.ssl.SSLContext, either specify a custom javax.net.ssl.SSLServerSocketFactory and a custom javax.net.ssl.SSLSocketFactory, or to be able to at least specify the enabled TLS protocols and cipher suites.

      I have noticed that the org.apache.ignite.internal.util.nio.ssl.GridNioSslFilter has support for the latter but I cannot find a way of getting a reference to the filter instance. The GridNioSslFilter also isn't used by TcpDiscoverySpi as far as I can tell.

      Currently (as far as I can tell) there is no way of specifying the enabled cipher suites and protocols used by Ignite, without doing it globally for the JRE.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                mcherkasov Mikhail Cherkasov
                Reporter:
                jens.borgland Jens Borgland
              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: