[TS-3301] TLS ticket rotation - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 5.3.0
Component/s: Core, SSL
Labels:
None

Description

We all know that it is bad security practice to use the same password/key all the time. This project tries to rotate TLS session ticket keys periodically. When an admin runs "traffic_line -x" after a new ticket key is put in the key file ssl_ticket.key, an event will be generated and ATS will reconfigure SSL. The keys are read in all at the same time and the first entry is the most recent key. A new key is assumed to be put at the beginning of ssl_ticket.key file and an old key is chopped off at the end from the file.

Author: Bin Zeng <bzeng@linkedin.com>

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

traffic_line_rotation_6.diff
15/Jan/15 19:37
12 kB
Brian Geffon

Activity

People

Assignee:: James Peach

Reporter:: Brian Geffon

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 15/Jan/15 19:35

Updated:: 13/May/15 20:36

Resolved:: 16/Jan/15 18:20