Allow multiple trust and key store files to be configured for a Geode cluster
To be Reviewed By:
Authors: Joris Melchior
Status: Draft | Discussion | Active | Dropped | Superseded
Superseded by: N/A
Related: N/A
Problem
In our current TLS configuration we can only define one trust and one key file for the system. It would be convenient to have multiple files so we can source the information from more than one place in case clients have separate files for mTLS for example.
Anti-Goals
We do not want to change the format of the files or make change to the core implementation of TLS in Geode.
Solution
Change our configuration to add the properties SSL_TRUSTSTORES, SSL_TRUSTSTORE_PASSWORDS, SSL_KEYSTORES, SSL_KEYSTORE_PASSWORDS to allow for adding multiple comma separated values where the existing singular named equivalent parameters only allow for single values.
Change our configuration code so that we can parse these parameters as comma separated values and have logic in place to use either the singular or multiple values depending on presence of one or the other.
Change our configuration code so that we can use the parsed values to load multiple files with associated passwords when loading TLS key and trust store information.
Deprecate the equivalent singular value parameters.
Changes and Additions to Public Interfaces
The configuration parameters are part of the Public interface of Geode so this is a change to that interface.
Performance Impact
Apart from a possible minute impact on startup this should not impact the performance of a Geode cluster.
Backwards Compatibility and Upgrade Path
Will the regular rolling upgrade process work with these changes? Yes
How do the proposed changes impact backwards-compatibility? Are message or file formats changing? This change is backwards compatible.
Is there a need for a deprecation process to provide an upgrade path to users who will need to adjust their applications? Yes eventually deprecated parameters will need to be removed
Prior Art
What would be the alternatives to the proposed solution? What would happen if we don’t solve the problem? Why should this proposal be preferred?
There are no known alternatives for the proposed solution.
FAQ
Answers to questions you’ve commonly been asked after requesting comments for this proposal.
Errata
What are minor adjustments that had to be made to the proposal since it was approved?