Description
Currently the only option to authenticate on the-node-to-be-added is basic auth:
--server-add-username <username>
|
The username for the server to add
|
--server-add-password <password>
|
The password for the server to add
|
Since the-node-to-be-added might be configured to use client certs for authentication, we need an option for that as well. Something like: --server-add-use-client-cert.
Note that admin doesn't need to provide the certificate/key itself. The-node-to-be-added should already be provisioned with a client certificate. The only purpose of this new option is an indication that client cert auth should be used during addition.
UPDATE:
When client certificate is selected, CLI should pass clientCertAuth=true in /addNode and /doJoinCluster calls. Username and password parameters should be skipped in this case.
Attachments
Issue Links
- blocks
-
MB-47905 Support both client certificate auth and n2n encryption at the same time
- Open