You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Brandon Williams (JIRA)" <ji...@apache.org> on 2015/03/23 22:06:52 UTC
[jira] [Updated] (CASSANDRA-8803) Implement transitional mode in C*
that will accept both encrypted and non-encrypted client traffic
[ https://issues.apache.org/jira/browse/CASSANDRA-8803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brandon Williams updated CASSANDRA-8803:
----------------------------------------
Fix Version/s: 2.0.14
> Implement transitional mode in C* that will accept both encrypted and non-encrypted client traffic
> --------------------------------------------------------------------------------------------------
>
> Key: CASSANDRA-8803
> URL: https://issues.apache.org/jira/browse/CASSANDRA-8803
> Project: Cassandra
> Issue Type: Improvement
> Components: Core
> Reporter: Vishy Kasar
> Fix For: 2.0.14
>
>
> We have some non-secure clusters taking live traffic in production from active clients. We want to enable client to node encryption on these clusters. Once we set the client_encryption_options enabled to true in yaml and bounce a cassandra node in the ring, the existing clients that do not do SSL will fail to connect to that node.
> There does not seem to be a good way to roll this change with out taking an outage. Can we implement a transitional mode in C* that will accept both encrypted and non-encrypted client traffic? We would enable this during transition and turn it off after both server and client start talking SSL.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)