Apache
/
lucene
mirror of https://github.com/apache/lucene.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
34,157 Commits 29 Branches 469 Tags 859 MiB
Commit Graph

14 Commits

Author SHA1 Message Date
Kevin Risden 22155bf7a7
SOLR-14163: SOLR_SSL_CLIENT_HOSTNAME_VERIFICATION needs to work with Jetty server/client SSL contexts 
Closes #1147

Signed-off-by: Kevin Risden <krisden@apache.org>
 2020-01-09 10:28:35 -05:00
Robert Muir 1cb6e35058 SOLR-14141: eliminate JKS keystore from solr ssl docs. 
Currently the documentation pretends to create a JKS keystore. It is
only actually a JKS keystore on java 8: on java9+ it is a PKCS12
keystore with a .jks extension (because PKCS12 is the new java default).
It works even though solr explicitly tells the JDK
(SOLR_SSL_KEY_STORE_TYPE=JKS) that its JKS when it is in fact not, due
to how keystore backwards compatibility was implemented.

Fix docs to explicitly create a PKCS12 keystore with .p12 extension and
so on instead of a PKCS12 keystore masquerading as a JKS one. This
simplifies the SSL steps since the "conversion" step (which was doing
nothing) from .JKS -> .P12 can be removed.
 2019-12-29 09:34:00 -05:00
Kevin Risden aab3c5faa3
SOLR-14106: Cleanup Jetty SslContextFactory usage 
Jetty 9.4.16.v20190411 and up introduced separate
client and server SslContextFactory implementations.
This split requires the proper use of of
SslContextFactory in clients and server configs.

This fixes the following
* SSL with SOLR_SSL_NEED_CLIENT_AUTH not working since v8.2.0
* Http2SolrClient SSL not working in branch_8x

Signed-off-by: Kevin Risden <krisden@apache.org>
 2019-12-19 23:05:47 -05:00
Cao Manh Dat 7350c50316 SOLR-13798: SSL: Adding Enabling/Disabling client's hostname verification config 2019-09-30 16:29:43 +01:00
Jan Høydahl a3fc31e5d2 Remove unnecessary XML exclusions as Jetty handles these by default (janhoy) 2018-10-18 16:38:52 +02:00
Mark Miller 5e2a5a5b8c SOLR-10783: Add support for Hadoop Credential Provider as SSL/TLS store password source. 2018-04-09 21:57:56 -05:00
Mark Miller 0fb89f17e1 SOLR-10307: Allow Passing SSL passwords through environment variables. 2017-05-16 14:19:16 -03:00
Kevin Risden bf424d1ec1 SOLR-9728: Ability to specify Key Store type in solr.in file for SSL 2016-11-28 09:52:02 -06:00
Shalin Shekhar Mangar 093d86901b SOLR-4839: Disable SSLv3 (POODLE) by default from our SSL config. Also added credits for Steve Rowe and Steve Davids. 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1676354 13f79535-47bb-0310-9956-ffa450edef68
 2015-04-27 18:09:51 +00:00
Shalin Shekhar Mangar c3185b5489 SOLR-4839: Separate jetty and client specific SSL properties 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1676102 13f79535-47bb-0310-9956-ffa450edef68
 2015-04-26 12:44:20 +00:00
Shalin Shekhar Mangar 299ddc5abe SOLR-4839: SSL support with Jetty 9. Also fixes SOLR-7449 on trunk. 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1675619 13f79535-47bb-0310-9956-ffa450edef68
 2015-04-23 14:17:35 +00:00
Shalin Shekhar Mangar 9464d2afb7 SOLR-4839: Make our jetty configs resemble stock Jetty 9.3 configs more closely. Thread pool and common config goes to jetty.xml. All property names are prefixed with solr.jetty. SSL keystore paths are now absolute. 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1675337 13f79535-47bb-0310-9956-ffa450edef68
 2015-04-22 11:35:31 +00:00
Shalin Shekhar Mangar 0d2c19d505 SOLR-4839: Removing extra license text from jetty xml and module files 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1649571 13f79535-47bb-0310-9956-ffa450edef68
 2015-01-05 16:23:02 +00:00
Shalin Shekhar Mangar a41b9954d1 SOLR-4839: Upgrade to Jetty 9 
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1649552 13f79535-47bb-0310-9956-ffa450edef68
 2015-01-05 15:45:58 +00:00