You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "Yifan Cai (Jira)" <ji...@apache.org> on 2022/10/07 22:21:00 UTC

[jira] [Comment Edited] (CASSANDRA-17923) Mixed mode support for internode authentication during TLS upgrades

    [ https://issues.apache.org/jira/browse/CASSANDRA-17923?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17614167#comment-17614167 ] 

Yifan Cai edited comment on CASSANDRA-17923 at 10/7/22 10:20 PM:
-----------------------------------------------------------------

Starting commit

CI Results:
||Branch||Source||Circle CI||
|trunk|[branch|https://github.com/yifan-c/cassandra/tree/commit_remote_branch/CASSANDRA-17923-trunk-3D0B6138-8009-49D8-83CA-F3C64D96A833]|[build|https://app.circleci.com/pipelines/github/yifan-c/cassandra?branch=commit_remote_branch%2FCASSANDRA-17923-trunk-3D0B6138-8009-49D8-83CA-F3C64D96A833]|

CI run looks green. There is a test failure from the BufferPoolTest. There is a ticket CASSANDRA-16681 tracking the issue already. 

I am going to commit the patch.


was (Author: yifanc):
Starting commit

CI Results (pending):
||Branch||Source||Circle CI||
|trunk|[branch|https://github.com/yifan-c/cassandra/tree/commit_remote_branch/CASSANDRA-17923-trunk-3D0B6138-8009-49D8-83CA-F3C64D96A833]|[build|https://app.circleci.com/pipelines/github/yifan-c/cassandra?branch=commit_remote_branch%2FCASSANDRA-17923-trunk-3D0B6138-8009-49D8-83CA-F3C64D96A833]|

> Mixed mode support for internode authentication during TLS upgrades
> -------------------------------------------------------------------
>
>                 Key: CASSANDRA-17923
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-17923
>             Project: Cassandra
>          Issue Type: New Feature
>          Components: Messaging/Internode
>            Reporter: Jyothsna Konisa
>            Assignee: Jyothsna Konisa
>            Priority: Normal
>
> During upgrades from "non-ssl -> ssl" or "ssl-mTLS" the cluster should be able to function in mixed mode with some nodes supporting "non-ssl" authentication and the new nodes supporting "mTLS" authentication. Currently we do not have this supported and because of which upgrades are not possible for upgrading internode authentication strategies.
> If a node is configured in optional mode for internode connections, retry with other SSL strategies If the node is not able to connect to other nodes due to authentication problems. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org