Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-25267

Add SSL keystore type and truststore related configs for HBase RESTServer

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 3.0.0-alpha-1, 2.4.0, 2.2.7, 2.3.4
    • REST
    • None

    Description

      The RESTServer currently relies on the following parameters to configure SSL on the REST API:

      • hbase.rest.ssl.enabled
      • hbase.rest.ssl.keystore.store
      • hbase.rest.ssl.keystore.password
      • hbase.rest.ssl.keystore.keypassword
      • hbase.rest.ssl.exclude.cipher.suites
      • hbase.rest.ssl.include.cipher.suites
      • hbase.rest.ssl.exclude.protocols
      • hbase.rest.ssl.include.protocols

      In this patch I want to introduce the following new parameters:

      • hbase.rest.ssl.keystore.type
      • hbase.rest.ssl.truststore.store
      • hbase.rest.ssl.truststore.password
      • hbase.rest.ssl.truststore.type

      If any of the new the parameter is not provided, then we should fall-back to the current behaviour (e.g. assuming JKS keystore/truststore types, or no passwords, or no custom trust store file).

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #2642

          Activity

            People

              symat Mate Szalay-Beko
              symat Mate Szalay-Beko
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: