[jira] [Comment Edited] (CASSANDRA-18624) Make Corretto Crypto Provider the Default

Wed, 26 Jul 2023 18:57:46 -0700 


    [ 
https://issues.apache.org/jira/browse/CASSANDRA-18624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17747703#comment-17747703
 ] 

Stefan Miklosovic edited comment on CASSANDRA-18624 at 7/27/23 1:56 AM:
------------------------------------------------------------------------

there are the testsĀ 

[https://github.com/apache/cassandra/pull/2505/files#diff-24aa5778c536575bab948358ce457c8c748709b490c5fd50ef51091fa1536eaf]
[https://github.com/apache/cassandra/pull/2505/files#diff-ffaa6f3948264e83fbebbd09fbd80d2e6f1b66a8c48db0709ae783d56a9f83d8]

[~mck] [~jwest] 

btw this is worth to mention 

https://github.com/corretto/amazon-corretto-crypto-provider/issues/315#issuecomment-1652066520

CassandraDaemon.maybeInitJmx is called after config is applied (check 
CassandraDaemon.activate) so JMX on SSL starts with Corretto provider already.

I am not sure what happens when you have e.g. nodetool connecting to Cassandra 
via SSL through JMX. I would expect that is doing some crypto as well. As that 
is a client tool, it would need to install the provider only in case if there 
is a crypto on server which is not on client. I do not think we are explicitly 
doing that anywhere.


was (Author: smiklosovic):
there are the testsĀ 

[https://github.com/apache/cassandra/pull/2505/files#diff-24aa5778c536575bab948358ce457c8c748709b490c5fd50ef51091fa1536eaf]
[https://github.com/apache/cassandra/pull/2505/files#diff-ffaa6f3948264e83fbebbd09fbd80d2e6f1b66a8c48db0709ae783d56a9f83d8]

[~mck] [~jwest] 

> Make Corretto Crypto Provider the Default
> -----------------------------------------
>
>                 Key: CASSANDRA-18624
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-18624
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Dependencies
>            Reporter: Jordan West
>            Assignee: Ayushi Singh
>            Priority: Normal
>             Fix For: 5.x
>
>         Attachments: image.png
>
>          Time Spent: 28h
>  Remaining Estimate: 0h
>
> [Amazon Corretto Crypto Provider| 
> https://github.com/corretto/amazon-corretto-crypto-provider] is an 
> alternative provider of TLS and cryptographic functions that has significant 
> performance benefits for Cassandra. It is Apache 2.0 licensed and has been 
> deployed in several existing large fleets. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to