Ignite SSL security

classic Classic list List threaded Threaded
2 messages Options
marble.zhong@coinflex.com marble.zhong@coinflex.com
Reply | Threaded
Open this post in threaded view
|

Ignite SSL security

Hi Guru,

I am try to implement the SSL security,

default-config.xml like below, I have generated the server.jks and trust.jks
with command 'keytool -genkey -alias ignite -keystore server.jks -keyalg
RSA' and put the file server.jks to the $IGNITE_HOME folder, but when
restart ignite, met below exception:

Failed to start grid: Failed to initialize key store (key store file was not
found): [path=server.jks, msg=server.jks (No such file or directory)]

please advice where this file to put in?  or any suggestions for the ssl?

<property name="sslContextFactory">
    <bean class="org.apache.ignite.ssl.SslContextFactory">
      <property name="protocol" value="SSL"/>
      <property name="keyStoreFilePath" value="keystore/server.jks"/>
      <property name="keyStorePassword" value="123456"/>
      <property name="trustStoreFilePath" value="keystore/trust.jks"/>
      <property name="trustStorePassword" value="123456"/>

    </bean>
  </property>

     
    <property name="authenticationEnabled" value="true"/>



--
Sent from: http://apache-ignite-users.70518.x6.nabble.com/
akorensh akorensh
Reply | Threaded
Open this post in threaded view
|

Re: Ignite SSL security

Hi,
  Internally, Ignite will use new File(keyStoreFilePath) ...
  This will interpret the keyStoreFilePath relative to the process working
directory.
 
  Use:
    System.out.println("Working Directory = " +
System.getProperty("user.dir"));
    to determine your working dir.

  Then use:
     File file = new File(keyStoreFilePath);
     System.out.println(file.getAbsolutePath());
     to see whether your file is in the correct place.

  see:
https://github.com/apache/ignite/blob/832cf801301f79b7e904b004e33855b105387982/modules/core/src/main/java/org/apache/ignite/ssl/SslContextFactory.java#L488
  for implementation.
Thanks, Alex
 

   



--
Sent from: http://apache-ignite-users.70518.x6.nabble.com/