Uploaded image for project: 'Infinispan'
  1. Infinispan
  2. ISPN-5721

Add SNI support to the endpoints

    XMLWordPrintable

Details

    Description

      Openshift Router uses DNS names to perform routing. It is perfectly legal to have this kind of configuration:

      client 1 --> example.com:11222 -----+> Hotrod server
                                  /
client 2 --> example2.com:11222 /

      In that case the TLS configuration might be problematic (since very often certificates are issued for a domain name). However it is possible to use SNI TLS Extension.

      The SNI needs to be added to:

      • Client's configuration (it needs to modify it's own SSLContext and add SSLParams
      • Hotrod server to support SNI (with Netty)
      • XML Configuration for Hotrod

      Attachments

        Issue Links

          relates to

          Feature Request - Feature requests from customers and/or users JDG-516 Implement SNI for JDG server

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Activity

            People

              slaskawi@redhat.com Sebastian Łaskawiec (Inactive)
              ttarrant@redhat.com Tristan Tarrant
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: