dmitri maziuk created SOLR-18132:
------------------------------------
Summary: SSL and external zookeeper
Key: SOLR-18132
URL: https://issues.apache.org/jira/browse/SOLR-18132
Project: Solr
Issue Type: Bug
Affects Versions: 9.10.1
Reporter: dmitri maziuk
In a 9.10.1 cluster with external zookeeper, SSL enabled for Solr but not for
ZK inter-node communication:
* Admin UI "Cloud" section works
* Configset API work
* Enabling auth via CLI works
Collection creation fails with unhelpful "IOException" talking to the nodes.
Turning SSL off fixes that.
The bug is that if SSL is an all-or-nothing proposition, it should fail right
away for *all* ZK communications and not "work up to a point" like it does now.
Preferably, of course, it should work with SSL enabled for Solr but not for ZK:
the cluster lives in its own sandbox and does not really need SSL internally.
SSL is enabled only because authentication is enabled on client connections to
Solr nodes and sending unencrypted creds is bad for security audits.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
