Grid: secure 0mq #7856
Comments
|
@adamgoucher Could you please provide some hints on how can this be implemented? Next steps? |
|
My idea was to use the Stonehouse pattern (http://hintjens.com/blog:49#toc5) and use the certificates people were providing to speak https to the server. If you don’t speak https to the server, then you don’t care about security so just use unencrypted (Grassland) connections with 0mq.
… On Apr 21, 2020, at 11:05 AM, Diego Molina ***@***.***> wrote:
@adamgoucher Could you please provide some hints on how can this be implemented? Next steps?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
|
Further clarifications (since I've got busy and my placeholder for myself is only useful to myself). If memory serves, we are using https://github.com/zeromq/jeromq as the java 0mq implementation. It supports 'curve' security (http://curvezmq.org/). The idea here is that if someone gives the various components certificates to run the webdriver protocol over https, that they also be used to secure communication between the various components and 0mq. (If they don't set the certificate, then they will be sending all their commands via http, so it makes little sense to go through the hassle of setting up secure internal communication.) From the jzeromq project, here are some links to show the implementation of it; |
|
@adamgoucher Are you working on this or Can I pick this issue to work? |
|
@adamgoucher @diemol I am picking up this issue. Thanks! |
|
I had to back out this change because it was causing the EndToEndTest to fail. |
The default 0mq event bus should be able to be secured via configuration.
The text was updated successfully, but these errors were encountered: