...
- rest.security.protocol
- rest.ssl.keystore.location
- rest.ssl.keystore.password
- rest.ssl.keystore.type
- rest.ssl.key.password
- rest.ssl.truststore.location
- rest.ssl.truststore.password
- rest.ssl.truststore.type
- rest.ssl.enabled.protocols
- rest.ssl.provider
- rest.ssl.protocol
- rest.ssl.cipher.suites
- rest.ssl.keymanager.algorithm
- rest.ssl.secure.random.implementation
- rest.ssl.trustmanager.algorithm
- rest.ssl.clientAuthclient.auth
The rest.security.protocol
option will support only PLAINTEXT
and SSL
values. PLAINTEXT
will be the default value and will keep all SSL/TLS functionality disabled to keep the backwards compatibility.
The rest.ssl.client.auth
option would support values of required
, requested
and none
(none
being the default). It will control whether:
- the connecting client is required to do SSL/TLS client authentication (
required
) - it can decide to skip the SSL/TLS client authentication (
requested
) - the SSL/TLS authentication will be completely disabled (
none
)
This is the only authentication option suggested as part of this KIP.
The other options would follow the semantics of the same options in the Kafka broker.
...