[
https://issues.apache.org/jira/browse/ZOOKEEPER-4954?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Istvan Toth updated ZOOKEEPER-4954:
-----------------------------------
Description:
Zookeeper has two ways to enable hostname verification:
The traditional one is set in ZKTrustManager when a custome truststore is used.
The FIPS style one is used when when FIPs mode is set.
However, there is currently no way to specify hostname verification when no
custom truststore is used.
The FIPS style hostname verification does not depend on having a truststore
defined, and can be used as a fallback when no custom trustore and no FIPS mode
is configured.
was:
Zookeeper has two ways to enable hostname verification:
The traditional one is set on the truststore object and is used withÂ
> Use FIPS style hostname verification when no custom truststore is specified
> ---------------------------------------------------------------------------
>
> Key: ZOOKEEPER-4954
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4954
> Project: ZooKeeper
> Issue Type: Improvement
> Reporter: Istvan Toth
> Assignee: Istvan Toth
> Priority: Major
> Labels: pull-request-available
> Time Spent: 20m
> Remaining Estimate: 0h
>
> Zookeeper has two ways to enable hostname verification:
> The traditional one is set in ZKTrustManager when a custome truststore is
> used.
> The FIPS style one is used when when FIPs mode is set.
> However, there is currently no way to specify hostname verification when no
> custom truststore is used.
> The FIPS style hostname verification does not depend on having a truststore
> defined, and can be used as a fallback when no custom trustore and no FIPS
> mode is configured.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
