Description
When admin is adding nodes to the cluster, there should be an option for admin to use client certificates for authentication purposes. This should work for both addition scenarios:
In case when the node is added by the cluster, admin specifies the-node-to-be-added's password.
In case when the node is added by the node itself, admin specifies the cluster password.
The node that runs/hosts the UI dialog doesn't know if the remote node accepts client certificates. Only user/admin knows it, hence the idea that the dialog should provide both options, so admin can choose the right option. For example, it might look something like the following:
( ) Username: _____ Password: ________
(o) Use configured client certificate
In case when the current node (that hosts the UI) is provisioned with a client certificate, the option "Use configured client certificate" should be selected by default.
UPDATE:
When client certificate is selected, UI should pass clientCertAuth=true in /addNode and /doJoinCluster calls. Username and password parameters should be skipped in this case.
Attachments
Issue Links
- blocks
-
MB-47905 Support both client certificate auth and n2n encryption at the same time
- Open