[
https://issues.apache.org/jira/browse/CASSANDRA-17923?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jyothsna Konisa updated CASSANDRA-17923:
----------------------------------------
Reviewers: Jon Meredith, Yifan Cai
Source Control Link: https://github.com/apache/cassandra/pull/1884
Test and Documentation Plan:
Added test cases to test internode TLS support for scenarios like upgrading and
downgrading clusters. Also tested this TLS mixed mode operation using CCM
locally.
[https://app.circleci.com/pipelines/github/jyothsnakonisa/cassandra?branch=mixmode-internode-auth]
[https://app.circleci.com/pipelines/github/jyothsnakonisa/cassandra?branch=mixmode-internode-auth]
Tester: Jyothsna Konisa
> Mixed mode support for internode authentication during TLS upgrades
> -------------------------------------------------------------------
>
> Key: CASSANDRA-17923
> URL: https://issues.apache.org/jira/browse/CASSANDRA-17923
> Project: Cassandra
> Issue Type: New Feature
> Reporter: Jyothsna Konisa
> Assignee: Jyothsna Konisa
> Priority: Normal
>
> During upgrades from "non-ssl -> ssl" or "ssl-mTLS" the cluster should be
> able to function in mixed mode with some nodes supporting "non-ssl"
> authentication and the new nodes supporting "mTLS" authentication. Currently
> we do not have this supported and because of which upgrades are not possible
> for upgrading internode authentication strategies.
> If a node is configured in optional mode for internode connections, retry
> with other SSL strategies If the node is not able to connect to other nodes
> due to authentication problems.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
