Allow multiple trust and key store files to be configured for a Geode cluster

To be Reviewed By:

Authors: Joris Melchior

Status: Draft | Discussion | Active | Dropped | Superseded

Superseded by: N/A

Related: N/A

Problem

In our current TLS configuration we can only define one trust and one key file for the system. It would be convenient to have multiple files so we can source the information from more than one place in case clients have separate files for mTLS for example.

Anti-Goals

We do not want to change the format of the files or make change to the core implementation of TLS in Geode.

Solution

Change our configuration to add the properties SSL_TRUSTSTORES, SSL_TRUSTSTORE_PASSWORDS, SSL_KEYSTORES, SSL_KEYSTORE_PASSWORDS to allow for adding multiple comma separated values where the existing singular named equivalent parameters only allow for single values.

Change our configuration code so that we can parse these parameters as comma separated values and have logic in place to use either the singular or multiple values depending on presence of one or the other.

Change our configuration code so that we can use the parsed values to load multiple files with associated passwords when loading TLS key and trust store information.

Deprecate the equivalent singular value parameters.

Changes and Additions to Public Interfaces

The configuration parameters are part of the Public interface of Geode so this is a change to that interface.

Performance Impact

Apart from a possible minute impact on startup this should not impact the performance of a Geode cluster.

Backwards Compatibility and Upgrade Path

Will the regular rolling upgrade process work with these changes? Yes

How do the proposed changes impact backwards-compatibility? Are message or file formats changing? This change is backwards compatible.

Is there a need for a deprecation process to provide an upgrade path to users who will need to adjust their applications? Yes eventually deprecated parameters will need to be removed

Prior Art

What would be the alternatives to the proposed solution? What would happen if we don’t solve the problem? Why should this proposal be preferred?

There are no known alternatives for the proposed solution.

FAQ

Answers to questions you’ve commonly been asked after requesting comments for this proposal.

Errata

What are minor adjustments that had to be made to the proposal since it was approved?

  • No labels