Hi, Igniters,
I'm going to start working on the SSL support for the ODBC
connection and I need to hear your opinion.
For the client side I'm going to use OpenSSL library [1], which is
standard de-facto for C/C++ applications. Unfortunately its
licence is not fully compatible with Apache Licence, so its going
to require from users to install OpenSSL themselves.
For the driver I'm going to add following options to connection
string:
ssl_mode - Determines whether or with what priority a SSL
connection will be negotiated with the server. Options
here are disable, allow, prefer, require.
ssl_key_file - Path to the location for the secret key used for the
client certificate.
ssl_cert_file - Path to the file of the client SSL certificate.
If the ssl_mode is not set to "disable" then ODBC driver will
attempt to find and load OpenSSL library before establishing
connection.
For the server side there is already SslContextFactory in the
IgniteConfiguration, which is used by all components to determine
if the SSL enabled and to figure out connection parameters, so
I think it's a good idea to just re-use it for the ClientListenerProcessorю
What do you guys think?
[1] - https://www.openssl.org
Best Regards,
Igor
