You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by vtkougrr <vt...@gmail.com> on 2015/01/29 17:12:00 UTC
Secure replication?
I'm using embedded Derby in a secure environment (FIPS). I would like to
enable replication to provide failover support, but I need to better
understand the security of the connections used during replication. Can the
replication connection be encrypted? And which/how many ports are used for
replication, is it just the port specified when defining the master/slave
configuration (port 4851 by default), or are others involved also?
Thanks!
--
View this message in context: http://apache-database.10148.n7.nabble.com/Secure-replication-tp143712.html
Sent from the Apache Derby Developers mailing list archive at Nabble.com.
Re: Secure replication?
Posted by Rick Hillegas <ri...@gmail.com>.
On 1/29/15 8:12 AM, vtkougrr wrote:
> I'm using embedded Derby in a secure environment (FIPS). I would like to
> enable replication to provide failover support, but I need to better
> understand the security of the connections used during replication. Can the
> replication connection be encrypted?
I have not tried this. However, in theory, ordinary Java SSL/TLS
encryption ought to work. You may need to boot both sides of the
connection with the Derby "-ssl peerAuthentication" flag. For more
information on protecting Derby network connections, see the section on
"Configuring SSL/TLS" in the Derby Security Guide:
http://db.apache.org/derby/docs/10.11/security/csecssl.html
Hope this helps,
-Rick
> And which/how many ports are used for
> replication, is it just the port specified when defining the master/slave
> configuration (port 4851 by default), or are others involved also?
>
> Thanks!
>
>
>
> --
> View this message in context: http://apache-database.10148.n7.nabble.com/Secure-replication-tp143712.html
> Sent from the Apache Derby Developers mailing list archive at Nabble.com.
>