[
https://issues.jboss.org/browse/TEIID-3177?page=com.atlassian.jira.plugin...
]
Steven Hawkins commented on TEIID-3177:
---------------------------------------
Note that this is the default behavior of a pg server as well. You have to additionally
configure the hba conf to deny non-ssl client connections - which is what this feature
will be analogous to. Also note that
http://www.postgresql.org/docs/9.2/static/libpq-ssl.html states that clients must be
configured for ssl - see sslmode or else the client can still send information in an
non-secure fashion even if the server is in ssl mode regardless of whether it is rejecting
connections (this may be because there are versions of the pg client that can send
password information in the initialization message or not waiting for the authentication
mode response from the server).
Enforce SSL connections over ODBC when Encryption Mode is enabled
-----------------------------------------------------------------
Key: TEIID-3177
URL:
https://issues.jboss.org/browse/TEIID-3177
Project: Teiid
Issue Type: Feature Request
Components: ODBC
Affects Versions: 8.8
Reporter: Cristiano Nicolai
Assignee: Steven Hawkins
Priority: Critical
When connecting via ODBC transport, even if the encryption mode is set to enabled is
still possible to establish non ssl connections. This allows clients to connect via
insecure method. We would like that the Teiid transport could reject connections if they
are not properly set up using SSL transport.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)