diff options
| author |   mharazin <mateusz.harazin@nokia.com> | 2020-03-25 14:44:00 +0100 |
|---|---|---|
| committer |   kjaniak <kornel.janiak@nokia.com> | 2020-03-26 20:48:22 +0100 |
| commit | ea4a60cb697f80beb03ac6ad7744541d7851661a (patch) | |
| tree | bfe069e3e51146ef9d4a71d57579f993653906bc /docs/sections/services/ves-hv/authorization.rst | |
| parent | 03712a4f1ebfc3ad6467adbac9e47da9bb094d7c (diff) | |
Add default settings of TLS
Update troubleshooting for consul TLS disable procedure
Issue-ID: DCAEGEN2-2143
Signed-off-by: mharazin <mateusz.harazin@nokia.com>
Change-Id: I17d14824ba225d02faa1e4771dca42710687655c
Diffstat (limited to 'docs/sections/services/ves-hv/authorization.rst')
| -rw-r--r-- | docs/sections/services/ves-hv/authorization.rst | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/docs/sections/services/ves-hv/authorization.rst b/docs/sections/services/ves-hv/authorization.rst index 054f7b33..9cbd789a 100644 --- a/docs/sections/services/ves-hv/authorization.rst +++ b/docs/sections/services/ves-hv/authorization.rst @@ -1,11 +1,12 @@ - **WARNING: SSL/TLS authorization is a part of an experimental feature for ONAP Casablanca release and thus should be treated as unstable and subject to change in future releases.** +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 .. _ssl_tls_authorization: SSL/TLS authorization ===================== -HV-VES can be configured to require usage of SSL/TLS on every TCP connection. This can be done only during deployment of application container. For reference about exact commands, see :ref:`deployment`. +HV-VES requires usage of SSL/TLS on every TCP connection. This can be done only during deployment of application container. For reference about exact commands, see :ref:`deployment`. General steps for configuring TLS for HV-VES collector: @@ -19,7 +20,7 @@ General steps for configuring TLS for HV-VES collector: -HV-VES uses OpenJDK (version 8u181) implementation of TLS ciphers. For reference, see https://docs.oracle.com/javase/8/docs/technotes/guides/security/overview/jsoverview.html. +HV-VES uses OpenJDK (version 11.0.6) implementation of TLS ciphers. For reference, see https://docs.oracle.com/en/java/javase/11/security/java-security-overview1.html. If SSL/TLS is enabled for HV-VES container then service turns on also client authentication. HV-VES requires clients to provide their certificates on connection. In addition, HV-VES provides its certificate to every client during SSL/TLS-handshake to enable two-way authorization. |