[JBoss JIRA] (TEIIDSB-92) Provide an openshfit example of a secure transport

Friday, 17 May 2019

    [
https://issues.jboss.org/browse/TEIIDSB-92?page=com.atlassian.jira.plugin...
] 

Steven Hawkins commented on TEIIDSB-92:
---------------------------------------

...
 we can use whatever OpenShift tools to make sure it is done correct
way, IMO no need to put in our own way of doing it for now. 
The same annotation for serving certificates (although beta instead of alpha) for
operators:  https://github.com/openshift/service-ca-operator 

However there's nothing built-in that will convert the service certificates to a java
keystore.  So we'd likely still want to use an initContainer with our operator based
logic.

...
 Provide an openshfit example of a secure transport
 --------------------------------------------------

                 Key: TEIIDSB-92
                 URL: https://issues.jboss.org/browse/TEIIDSB-92
             Project: Teiid Spring Boot
          Issue Type: Sub-task
          Components: OpenShift
            Reporter: Steven Hawkins
            Assignee: Steven Hawkins
            Priority: Major
         Attachments: screenshot-1.png

 Until we have kerberos support, usage of the pg transport will likely need to be secure
to prevent plain-text username/password being sent unencrypted.
 It should also be a general option to enable secure transports from our ui.  External
exposure is covered in TEIIDSB-86.
 We should use the private key from either based upon a self-signed certificate or using
service signing certificates.  I'll provide an example demonstrating one of those
approaches. 

--
This message was sent by Atlassian Jira
(v7.12.1#712002)

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009