[teiid-issues] [JBoss JIRA] (TEIIDSB-92) Provide an openshfit example of a secure transport
Steven Hawkins (Jira)
issues at jboss.org
Fri May 17 12:13:00 EDT 2019
[ https://issues.jboss.org/browse/TEIIDSB-92?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13735012#comment-13735012 ]
Steven Hawkins commented on TEIIDSB-92:
---------------------------------------
> we can use whatever OpenShift tools to make sure it is done correct way, IMO no need to put in our own way of doing it for now.
The same annotation for serving certificates (although beta instead of alpha) for operators: https://github.com/openshift/service-ca-operator
However there's nothing built-in that will convert the service certificates to a java keystore. So we'd likely still want to use an initContainer with our operator based logic.
> Provide an openshfit example of a secure transport
> --------------------------------------------------
>
> Key: TEIIDSB-92
> URL: https://issues.jboss.org/browse/TEIIDSB-92
> Project: Teiid Spring Boot
> Issue Type: Sub-task
> Components: OpenShift
> Reporter: Steven Hawkins
> Assignee: Steven Hawkins
> Priority: Major
> Attachments: screenshot-1.png
>
>
> Until we have kerberos support, usage of the pg transport will likely need to be secure to prevent plain-text username/password being sent unencrypted.
> It should also be a general option to enable secure transports from our ui. External exposure is covered in TEIIDSB-86.
> We should use the private key from either based upon a self-signed certificate or using service signing certificates. I'll provide an example demonstrating one of those approaches.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the teiid-issues
mailing list