Hello,

Given that some SSL enhancement bugs have been posted lately, I took some time to revise FLIP-26, which explores how to harden both external and internal communication.

https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=80453255

Some recent related issues:
- FLINK-9312 - mutual auth for intra-cluster communication
- FLINK-5030 - original SSL feature work

There's also some recent discussion of how to use Flink SSL effectively in a Kubernetes environment. The issue is about hostname verification. The proposal that I've put forward in FLIP-26 is to not use hostname verification for intra-cluster communication, but rather to rely on a cluster-internal certificate and a truststore consisting only of that certificate. Meanwhile, a new "external" certificate would be configurable for the web/api endpoint and associated with a well-known DNS name as provided by a K8s Service resource.

Stephan, is this in line with your thinking re FLINK-9312?

Thanks,
Eron
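The two trust models the message describes, as an added example that is not part of the original post or of Flink's own code: on the intra-cluster side one self-signed certificate serves as both the node identity and the only entry of the truststore, peers authenticate each other mutually, and no hostname is checked; on the external side the web/API endpoint presents a separate certificate and its clients verify the Service DNS name. It is written in Go against the standard crypto/tls and crypto/x509 packages rather than Flink's Java keystore configuration, and everything in it is an assumption made for the demonstration: the helper names (SelfSignedCert, InternalConfigs, ExternalConfigs, Handshake), the Service name flink-jobmanager.default.svc, and the in-memory certificates, which a real deployment would load from files or a Kubernetes Secret. It also goes a step past the post by exercising the rejection cases: a peer whose certificate is not the cluster certificate, and an external client whose expected name is absent from the certificate's SAN.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// must panics on error: a demo-only shortcut; a real node would fail startup with a logged cause.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// SelfSignedCert makes an in-memory self-signed certificate (demo-only). dnsNames are the SAN entries; the internal cert gets none.
func SelfSignedCert(cn string, dnsNames []string) tls.Certificate {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:      pkix.Name{CommonName: cn},
		DNSNames:     dnsNames,
		NotBefore:    time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key))
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: must(x509.ParseCertificate(der))}
}

// InternalConfigs builds the intra-cluster pair: both ends present a cert, each trusts only the cluster cert, no hostname is checked.
func InternalConfigs(cluster, clientCert tls.Certificate) (server, client *tls.Config) {
	roots := x509.NewCertPool()
	roots.AddCert(cluster.Leaf) // the whole truststore: one certificate
	server = &tls.Config{
		MinVersion:   tls.VersionTLS12,
		Certificates: []tls.Certificate{cluster},
		ClientAuth:   tls.RequireAndVerifyClientCert, // mutual auth
		ClientCAs:    roots,
	}
	// InsecureSkipVerify drops Go's chain check together with the hostname check, so VerifyPeerCertificate redoes the chain
	// check by hand against roots only; no DNSName is given, so peers reached by pod IP pass as long as they hold the cluster cert.
	client = &tls.Config{
		Certificates:       []tls.Certificate{clientCert},
		InsecureSkipVerify: true,
		VerifyPeerCertificate: func(rawCerts [][]byte, _ [][]*x509.Certificate) error {
			leaf, err := x509.ParseCertificate(rawCerts[0])
			if err == nil {
				_, err = leaf.Verify(x509.VerifyOptions{Roots: roots})
			}
			return err
		},
	}
	return server, client
}

// ExternalConfigs builds the web/API pair: the endpoint presents the cert issued for the Service DNS name, clients verify that name.
func ExternalConfigs(external tls.Certificate, serviceName string) (server, client *tls.Config) {
	roots := x509.NewCertPool()
	roots.AddCert(external.Leaf)
	server = &tls.Config{MinVersion: tls.VersionTLS12, Certificates: []tls.Certificate{external}}
	client = &tls.Config{RootCAs: roots, ServerName: serviceName} // ServerName is matched against the SAN
	return server, client
}

// Handshake runs one TLS handshake over loopback TCP and returns the first error either side saw.
func Handshake(server, client *tls.Config) error {
	ln := must(net.Listen("tcp", "127.0.0.1:0"))
	defer ln.Close()
	srvErr := make(chan error, 1)
	go func() {
		conn, err := ln.Accept()
		if err == nil {
			err = tls.Server(conn, server).Handshake()
			conn.Close()
		}
		srvErr <- err
	}()
	conn, err := tls.Dial("tcp", ln.Addr().String(), client) // tls.Dial includes the client-side handshake
	if err != nil {
		return err
	}
	defer conn.Close()
	return <-srvErr
}

func main() {
	cluster := SelfSignedCert("flink-internal", nil)
	external := SelfSignedCert("flink-rest", []string{"flink-jobmanager.default.svc"})
	fmt.Println("internal, cluster cert on both ends:", Handshake(InternalConfigs(cluster, cluster)))
	fmt.Println("internal, client with foreign cert: ", Handshake(InternalConfigs(cluster, SelfSignedCert("other", nil))))
	fmt.Println("external, Service name in SAN:      ", Handshake(ExternalConfigs(external, "flink-jobmanager.default.svc")))
	fmt.Println("external, name not in SAN:          ", Handshake(ExternalConfigs(external, "flink-jobmanager.other.svc")))
}
```

Run with `go run`: the first and third lines print `<nil>`, the second and fourth print the rejection from the server (no acceptable client certificate) and from the client (name not in the SAN). The VerifyPeerCertificate callback is the usual Go idiom for keeping chain validation while dropping the hostname match; the Java analogue is an SSLContext whose TrustManager is initialised from the single-entry truststore with no endpoint identification algorithm set.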