Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

make rustls as default TLS #3113

Open
sehz opened this issue Mar 31, 2023 · 8 comments
Open

make rustls as default TLS #3113

sehz opened this issue Mar 31, 2023 · 8 comments
Assignees
@digikata
Labels
help wanted Good issue for community involvement network no-issue-activity no-stale Opt-out of closing issue due to no activity

Comments

@sehz
Copy link
Contributor

sehz commented Mar 31, 2023

With latest release, rustls support IP address certs which in the past, prevent being used in the Kubernetes env.
@sehz sehz added help wanted Good issue for community involvement network labels Mar 31, 2023
@sehz sehz added this to the 0.10.8 milestone Apr 16, 2023
@ozgrakkurt
Copy link
Contributor

related to #3091

@ozgrakkurt
Copy link
Contributor

@sehz Do we want to keep optional openssl or should it be rustls only?

Also it is not possible to get rid of openssl from repo because we depend on cargo-generate which doesn't seem to be able to work without openssl.

@sehz
Copy link
Contributor Author

sehz commented Apr 17, 2023

We should keep openssl. Not sure relevance to cargo generate

@ozgrakkurt ozgrakkurt mentioned this issue Apr 17, 2023
Closed
@sehz sehz modified the milestones: 0.10.8, 0.10.9 May 1, 2023
@sehz sehz modified the milestones: 0.10.9, 0.10.10 May 13, 2023
@smndtrl
Copy link

smndtrl commented May 29, 2023

Just wanted to let you know I stumbled upon issues with openssl in our builds as there's no libssl in our new builder and base images. For now that's not a huge problem as we only intend to run our connectors as static binaries in containers starting first release in CY23 Q3

Looking forward to this

@sehz sehz modified the milestones: 0.10.10, 0.10.11 Jun 2, 2023
@digikata
Copy link
Contributor

Probably good to tackle this a crate at a time

@github-actions
Copy link

Stale issue message

@github-actions GitHub Actions
Copy link

Stale issue message

@digikata digikata added the no-stale Opt-out of closing issue due to no activity label Nov 27, 2023
@digikata
Copy link
Contributor

digikata commented Dec 4, 2023
edited
Loading

A new release https://github.com/rustls/rustls/releases/tag/v/0.22.0 (mentioned by Seyho here https://infinyon.slack.com/archives/CQ8UX6SBH/p1701539652032509)

Making rustls the default build config would reduce maintenance for cross platform builds, as well as surface area for security updates in dependencies.

Changes may need to be made in reference to: (though that crate is already configurable for rusttls)
https://github.com/infinyon/future-aio (fluvio-future crate) as well as in this fluvio repo.

digikata added a commit that referenced this issue Dec 4, 2023
@digikata
chore: change default tls features to rustls
a772640 
closes #3113
@digikata digikata mentioned this issue Dec 4, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@digikata digikata

Labels
help wanted Good issue for community involvement network no-issue-activity no-stale Opt-out of closing issue due to no activity
Projects
None yet
Milestone
No milestone
4 participants
@digikata @sehz @smndtrl @ozgrakkurt