Uploaded image for project: 'Infinispan'
  1. Infinispan
  2. ISPN-5721

Add SNI support to the endpoints

XMLWordPrintable

    • Icon: Enhancement Enhancement
    • Resolution: Done
    • Icon: Major Major
    • 9.0.0.Final
    • 8.0.0.Final
    • Security, Server
    • None

      Openshift Router uses DNS names to perform routing. It is perfectly legal to have this kind of configuration:

      client 1 --> example.com:11222 -----+> Hotrod server
                                        /
      client 2 --> example2.com:11222 /
      

      In that case the TLS configuration might be problematic (since very often certificates are issued for a domain name). However it is possible to use SNI TLS Extension.

      The SNI needs to be added to:

      • Client's configuration (it needs to modify it's own SSLContext and add SSLParams
      • Hotrod server to support SNI (with Netty)
      • XML Configuration for Hotrod

          There are no Sub-Tasks for this issue.

              slaskawi@redhat.com Sebastian Ɓaskawiec (Inactive)
              ttarrant@redhat.com Tristan Tarrant
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: