Feels like you answered your own question here - why not just use HTTPS for your multisite sync?
I'm not aware of any other encryption mechanisms for metadata (I guess using SSE encryption for your data may save that going over in plain text) and would assume that just using HTTP would indeed be a security risk. ________________________________ From: maryzhang0...@gmail.com <maryzhang0...@gmail.com> Sent: Thursday, September 19, 2024 6:01 AM To: ceph-users@ceph.io <ceph-users@ceph.io> Subject: [EXTERNAL] [ceph-users] Multisite sync: is metadata transferred in plain text? Hi, We have a multisite Ceph configuration, with http (not https) sync endpoints. Are all sync traffic in plain text? We have concerns about metadata. For example, when syncing a newly created user and its access key and secret key from the Master zone to a secondary zone, is this traffic in plain text? If so, what are options to encrypt it? Thank you, Mary _______________________________________________ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io _______________________________________________ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io
