(DEPRECATED) Apache Flink User Mailing List archive.

SSL configuration - default behaviour

classic Classic list List threaded Threaded
4 messages Options
KristoffSC
Reply | Threaded
Open this post in threaded view
|

SSL configuration - default behaviour

KristoffSC
Hi,
In documentation [1] we can read that

All internal connections are SSL authenticated and encrypted. The
connections use mutual authentication, meaning both server and client side
of each connection need to present the certificate to each other. The
certificate acts effectively as a shared secret.

But is this a default behavior? Are internal connections encrypted by
default?

[1]
https://ci.apache.org/projects/flink/flink-docs-stable/ops/security-ssl.html



--
Sent from: http://apache-flink-user-mailing-list-archive.2336050.n4.nabble.com/
rmetzger0
Reply | Threaded
Open this post in threaded view
|

Re: SSL configuration - default behaviour

rmetzger0
Hi,

thanks a lot for your message. By default, internal connections are not encrypted.

On Fri, Feb 7, 2020 at 4:08 PM KristoffSC <[hidden email]> wrote:
Hi,
In documentation [1] we can read that

All internal connections are SSL authenticated and encrypted. The
connections use mutual authentication, meaning both server and client side
of each connection need to present the certificate to each other. The
certificate acts effectively as a shared secret.

But is this a default behavior? Are internal connections encrypted by
default?

[1]
https://ci.apache.org/projects/flink/flink-docs-stable/ops/security-ssl.html



--
Sent from: http://apache-flink-user-mailing-list-archive.2336050.n4.nabble.com/
KristoffSC
Reply | Threaded
Open this post in threaded view
|

Re: SSL configuration - default behaviour

KristoffSC
Thanks Robert,
just a small suggestion maybe to change the documentation a little bit.

I'm not sure if its only my impression but from sentence: 
" All internal connections are SSL authenticated and encrypted" initially I thought that this is the default configuration.

Thanks,
Krzysztof

pon., 10 lut 2020 o 15:12 Robert Metzger <[hidden email]> napisał(a):
Hi,

thanks a lot for your message. By default, internal connections are not encrypted.

On Fri, Feb 7, 2020 at 4:08 PM KristoffSC <[hidden email]> wrote:
Hi,
In documentation [1] we can read that

All internal connections are SSL authenticated and encrypted. The
connections use mutual authentication, meaning both server and client side
of each connection need to present the certificate to each other. The
certificate acts effectively as a shared secret.

But is this a default behavior? Are internal connections encrypted by
default?

[1]
https://ci.apache.org/projects/flink/flink-docs-stable/ops/security-ssl.html



--
Sent from: http://apache-flink-user-mailing-list-archive.2336050.n4.nabble.com/
Piotr Nowojski-3
Reply | Threaded
Open this post in threaded view
|

Re: SSL configuration - default behaviour

Piotr Nowojski-3
Hi Krzysztof,

Thanks for the suggestion. It was kind of implied in the first sentence on the page already, but I’m fixing it [1] to make it more clear. 

Piotrek


On 11 Feb 2020, at 08:22, Krzysztof Chmielewski <[hidden email]> wrote:

Thanks Robert,
just a small suggestion maybe to change the documentation a little bit.

I'm not sure if its only my impression but from sentence: 
" All internal connections are SSL authenticated and encrypted" initially I thought that this is the default configuration.

Thanks,
Krzysztof

pon., 10 lut 2020 o 15:12 Robert Metzger <[hidden email]> napisał(a):
Hi,

thanks a lot for your message. By default, internal connections are not encrypted.

On Fri, Feb 7, 2020 at 4:08 PM KristoffSC <[hidden email]> wrote:
Hi,
In documentation [1] we can read that

All internal connections are SSL authenticated and encrypted. The
connections use mutual authentication, meaning both server and client side
of each connection need to present the certificate to each other. The
certificate acts effectively as a shared secret.

But is this a default behavior? Are internal connections encrypted by
default?

[1]
https://ci.apache.org/projects/flink/flink-docs-stable/ops/security-ssl.html



--
Sent from: http://apache-flink-user-mailing-list-archive.2336050.n4.nabble.com/
Free forum by Nabble Edit this page