You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "Jyothsna Konisa (Jira)" <ji...@apache.org> on 2022/10/03 22:34:00 UTC

[jira] [Updated] (CASSANDRA-17923) Mixed mode support for internode authentication during TLS upgrades

     [ https://issues.apache.org/jira/browse/CASSANDRA-17923?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jyothsna Konisa updated CASSANDRA-17923:
----------------------------------------
                      Reviewers: Jon Meredith, Yifan Cai
            Source Control Link: https://github.com/apache/cassandra/pull/1884
    Test and Documentation Plan: 
Added test cases to test internode TLS support for scenarios like upgrading and downgrading clusters. Also tested this TLS mixed mode operation using CCM locally.

 

[https://app.circleci.com/pipelines/github/jyothsnakonisa/cassandra?branch=mixmode-internode-auth] [https://app.circleci.com/pipelines/github/jyothsnakonisa/cassandra?branch=mixmode-internode-auth]
                         Tester: Jyothsna Konisa

> Mixed mode support for internode authentication during TLS upgrades
> -------------------------------------------------------------------
>
>                 Key: CASSANDRA-17923
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-17923
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: Jyothsna Konisa
>            Assignee: Jyothsna Konisa
>            Priority: Normal
>
> During upgrades from "non-ssl -> ssl" or "ssl-mTLS" the cluster should be able to function in mixed mode with some nodes supporting "non-ssl" authentication and the new nodes supporting "mTLS" authentication. Currently we do not have this supported and because of which upgrades are not possible for upgrading internode authentication strategies.
> If a node is configured in optional mode for internode connections, retry with other SSL strategies If the node is not able to connect to other nodes due to authentication problems. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org