You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by km...@apache.org on 2018/08/30 17:28:02 UTC

[geode] branch develop updated: GEODE-5594 Enable endpoint validation during using SSL handshake (#2406)

This is an automated email from the ASF dual-hosted git repository.

kmiller pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/geode.git


The following commit(s) were added to refs/heads/develop by this push:
     new e76f1e3  GEODE-5594 Enable endpoint validation during using SSL handshake (#2406)
e76f1e3 is described below

commit e76f1e369c3ab7bae5e89320d6492a37a8fbb660
Author: Karen Miller <ka...@users.noreply.github.com>
AuthorDate: Thu Aug 30 10:27:55 2018 -0700

    GEODE-5594 Enable endpoint validation during using SSL handshake (#2406)
    
    * GEODE-5594 Enable endpoint validation during using SSL handshake
    
    document new ssl-endpoint-identification-enabled property
    
    * GEODE-5594 Enable endpoint validation during using SSL handshake
    
    Revise wording per review
---
 geode-docs/managing/security/implementing_ssl.html.md.erb  | 12 +++++++++++-
 geode-docs/reference/topics/gemfire_properties.html.md.erb |  9 +++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/geode-docs/managing/security/implementing_ssl.html.md.erb b/geode-docs/managing/security/implementing_ssl.html.md.erb
index da7bce1..368ad73 100644
--- a/geode-docs/managing/security/implementing_ssl.html.md.erb
+++ b/geode-docs/managing/security/implementing_ssl.html.md.erb
@@ -71,6 +71,14 @@ protocols, and to provide the location and credentials for key and trust stores.
 <dt>**ssl-enabled-components**</dt>
 <dd>List of components for which to enable SSL. Component list can be "all" or a comma-separated list of components.</dd>
 
+<dt>**ssl-endpoint-identification-enabled**</dt>
+<dd> A boolean value that, when set to true, 
+causes clients to validate the server's hostname using
+the server's certificate.
+The default value is false.
+Enabling endpoint identification guards against DNS man-in-the-middle
+attacks when trusting certificates that are not self-signed.</dd>
+
 <dt>**ssl-require-authentication**</dt>
 <dd>Requires two-way authentication, applies to all components except web. Boolean - if true (the default), two-way authentication is required.</dd>
 
@@ -114,6 +122,7 @@ enable SSL for all components.
  
 ``` pre
 ssl-enabled-components=all
+ssl-endpoint-identification-enabled=true
 ssl-keystore=secure/keystore.dat
 ssl-keystore-password=changeit
 ssl-truststore=secure/truststore.dat
@@ -122,7 +131,6 @@ ssl-truststore-password=changeit
  
 If the key store has multiple certificates you may want to specify the alias of the one you wish to use for each process.  For instance, `ssl-default-alias=Hiroki`.
 
-
 ### Example: non-secure cluster communications, secure client/server
 
 In this example, SSL is used to secure communications between the client and the server:
@@ -167,6 +175,7 @@ store.
 
 ``` pre
 ssl-enabled-components=server,locator
+ssl-endpoint-identification-enabled=true
 ssl-keystore=secret/keystore.dat
 ssl-keystore-password=changeit
 ssl-truststore=secret/truststore.dat
@@ -196,6 +205,7 @@ The following table lists the properties you can use to configure SSL on your <%
 | Property                           | Description                                                                  | Value |
 |------------------------------------|------------------------------------------------------------------------------|-------|
 | ssl&#8209;enabled&#8209;components | list of components for which to enable SSL | "all" or comma-separated list of components: cluster, gateway, web, jmx, locator, server |
+| ssl&#8209;endpoint&#8209;identification&#8209;enabled | causes clients to validate server hostname using server certificate | boolean - if true, does validation; defaults to false |
 | ssl-require-authentication         | requires two-way authentication, applies to all components except web | boolean - if true (the default), two-way authentication is required |
 | ssl&#8209;web&#8209;require&#8209;authentication    | requires two-way authentication for web component | boolean - if true, two-way authentication is required. Default is false (one-way authentication only) |
 | ssl-default-alias                  | default certificate name                   | string - if empty, use first certificate in key store |
diff --git a/geode-docs/reference/topics/gemfire_properties.html.md.erb b/geode-docs/reference/topics/gemfire_properties.html.md.erb
index 9efc669..c41564c 100644
--- a/geode-docs/reference/topics/gemfire_properties.html.md.erb
+++ b/geode-docs/reference/topics/gemfire_properties.html.md.erb
@@ -616,6 +616,15 @@ Any security-related (properties that begin with <code class="ph codeph">securit
 </tr>
 
 <tr>
+<td>ssl-endpoint-identification-enabled</td>
+<td> A boolean value that, when set to true,
+causes clients to validate the server's hostname using 
+the server's certificate.</td>
+<td>C, S, L</td>
+<td>false</td>
+</tr>
+
+<tr>
 <td>ssl-require-authentication</td>
 <td>Boolean. Require two-way authentication for SSL-enabled components. Applies to all components except web.</td>
 <td>S, L</td>