[CASSANDRA-14236] C* should gradually recycle open connections after hot reloading SSL Certificates - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Open
Priority: Low
Resolution: Unresolved
Fix Version/s: None
Component/s: Legacy/Streaming and Messaging
Labels:
- security

Description

Currently the way SSL certificate hot reloading is implemented, it only applies the new certificates to new connections. Open connections are not terminated. Immediate termination of these connections is undesirable as it will cause a thundering herd problem. We need a way to gradually drain existing connections so that the new SSL certificates are used by all connections.

Attachments

Activity

People

Assignee:: Dinesh Joshi

Reporter:: Dinesh Joshi

Authors:: Dinesh Joshi

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 16/Feb/18 01:43

Updated:: 16/Apr/19 09:29