You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Jason Brown (JIRA)" <ji...@apache.org> on 2018/02/05 20:55:00 UTC

[jira] [Comment Edited] (CASSANDRA-13259) Use platform specific X.509 default algorithm

    [ https://issues.apache.org/jira/browse/CASSANDRA-13259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16352927#comment-16352927 ] 

Jason Brown edited comment on CASSANDRA-13259 at 2/5/18 8:54 PM:
-----------------------------------------------------------------

Circling back to this, I'd like to just reduce the scope back to the original intent of this ticket (update {{server_encryption_options/algorithm}}) to the new default, and leave the discussion of other yaml props to CASSANDRA-13314. That way we can commit this one and get it out of the way. wdyt, [~spodxx@gmail.com]? We still need an {{alogrithm}} parameter after CASSANDRA-8457/CASSANDRA-10404 as we need it when building the [{{TrustManagerFactory}}|https://github.com/apache/cassandra/blob/trunk/src/java/org/apache/cassandra/security/SSLFactory.java#L108] and [{{KeyManagerFactory}}|https://github.com/apache/cassandra/blob/trunk/src/java/org/apache/cassandra/security/SSLFactory.java#L124] in {{SSLFactory}}.

 

Also, should we consider applying to 3.0 and 3.11, as well?


was (Author: jasobrown):
Circling back to this, I'd like to just reduce the scope back to the original intent of this ticket (update {{server_encryption_options/algorithm}}) to the new default, and leave the discussion of other yaml props to CASSANDRA-13314. That way we can commit this one and get it out of the way. wdyt, [~spodxx@gmail.com]? We still need an {{alogrithm}} parameter after CASSANDRA-8457/CASSANDRA-10404 as we need it when building the [{{TrustManagerFactory}}|https://github.com/apache/cassandra/blob/trunk/src/java/org/apache/cassandra/security/SSLFactory.java#L108] and [{{KeyManagerFactory}}|https://github.com/apache/cassandra/blob/trunk/src/java/org/apache/cassandra/security/SSLFactory.java#L124] in {{SSLFactory}}.


> Use platform specific X.509 default algorithm
> ---------------------------------------------
>
>                 Key: CASSANDRA-13259
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-13259
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Configuration
>            Reporter: Stefan Podkowinski
>            Assignee: Stefan Podkowinski
>            Priority: Minor
>             Fix For: 4.x
>
>
> We should replace the hardcoded "SunX509" default algorithm and use the JRE default instead. This implementation will currently not work on less popular platforms (e.g. IBM) and won't get any further updates.
> See also:
> https://bugs.openjdk.java.net/browse/JDK-8169745



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org