Details
-
Improvement
-
Resolution: Fixed
-
Major
-
None
-
None
-
None
-
1
Description
For localhost connections ns_server supplies server teams like FTS the local address as 127.0.0.1 but supplies the certificate as the external IP for the node. This means that when UseTLS is set to true and the service tries to initially bootstrap then connections fail because the certificate does not match the address being used.
We should add a way that allows UseTLS to be set but performs the initial bootstrap without using TLS, that way we will establish the initial connection, fetch a config, and then (re)build all the connections using TLS.
This is interim functionality until we can add a feature to allow all localhost connections to be done over nonTLS whilst all other connections do use TLS.
Attachments
Issue Links
- blocks
-
MB-47901 FTS not indexing documents when node-to-node encryption enabled
- Closed