-
Notifications
You must be signed in to change notification settings - Fork 34
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(tls): require certificate registered within cluster before choos…
…ing CQL SSL Previously, SSL was preferred when client_encryption_options.enabled coming from ScyllaDB configuration was true and SSL port is open, even when Scylla Manager did not have any client certificate registered for particular cluster. This caused issues when ScyllaDB cluster was exposing both CQL and CQL SSL with mTLS, because even when Manager was not registered with certificates, it still insisted to establish sessions using SSL port. CQL healthchecks was also affected. Fixes #3698
- Loading branch information
Showing
4 changed files
with
112 additions
and
93 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters