SSL Connection support for Spine ?
Moderators: Developers, Moderators
-
- Cacti User
- Posts: 234
- Joined: Mon Dec 13, 2004 3:03 pm
SSL Connection support for Spine ?
Hello,
In bug#0001646 SSL support was added for Cacti. That is great. Does Spine support SSL connections? I was unable to determine this. If not, I would like to submit a feature request to make it so!
In bug#0001646 SSL support was added for Cacti. That is great. Does Spine support SSL connections? I was unable to determine this. If not, I would like to submit a feature request to make it so!
Re: SSL Connection support for Spine ?
I guess it should be added into 1.2, but after testing it does not work for me yet
Re: SSL Connection support for Spine ?
It's there already.
Before history, there was a paradise, now dust.
Re: SSL Connection support for Spine ?
Yes it was. The original post was for 0.8.x probably given it's date. We definitely added new configuration file options for SSL keys.
Cacti Developer & Release Manager
The Cacti Group
Director
BV IT Solutions Ltd
+--------------------------------------------------------------------------+
Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation
The Cacti Group
Director
BV IT Solutions Ltd
+--------------------------------------------------------------------------+
Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation
Re: SSL Connection support for Spine ?
Did anyone test it after implementation?
I've tried to play around with it and non of tested ssl spine configuration worked for me.
SSL connectivity with mysql command line tool works just fine.
Re: SSL Connection support for Spine ?
It was added as part of this:
https://github.com/Cacti/spine/issues/64
You can check out the commit here:
https://github.com/Cacti/spine/commit/7 ... 5a71c591ef
If you spot anything obviously wrong, then get it logged on GitHub referencing the original issue/commit and we can take a look at it. At the moment, I don't have SSL enabled on mysql, nor the time to implement and re-test it as i'm in the middle of 3 major migrations for clients.
https://github.com/Cacti/spine/issues/64
You can check out the commit here:
https://github.com/Cacti/spine/commit/7 ... 5a71c591ef
If you spot anything obviously wrong, then get it logged on GitHub referencing the original issue/commit and we can take a look at it. At the moment, I don't have SSL enabled on mysql, nor the time to implement and re-test it as i'm in the middle of 3 major migrations for clients.
Cacti Developer & Release Manager
The Cacti Group
Director
BV IT Solutions Ltd
+--------------------------------------------------------------------------+
Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation
The Cacti Group
Director
BV IT Solutions Ltd
+--------------------------------------------------------------------------+
Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation
-
- Posts: 1
- Joined: Sun Apr 02, 2023 12:57 am
Re: SSL Connection support for Spine ?
An SSL connection is established though a handshake (a series of communications exchanges) between the client and the server.
SSL handshake
The following diagram shows what happens during an SSL handshake:
Figure 1. SSL handshake
The client sends a request to the server for a secure session. The server responds by sending its X.509 digital certificate to the client.
The client receives the server's X.509 https://buysocialpack.net/product/buy-google-reviews/
The client authenticates the server, using a list of known certificate authorities.
The client generates a random symmetric key and encrypts it using server's public key.
The client and server now both know the symmetric key and can use the SSL encryption process to encrypt and decrypt the information contained in the client request and the server response.
CICS® Transaction Gateway supports the JSSE implementation of SSL. JSSE as supplied with the Java SDK is the only supported option. For more information, see Security.
Authentication
During server authentication, a connection is only established if the client trusts the server based on the information presented by the server to the client in its certificate.
During client authentication (if activated) the client sends its certificate information to the server. A connection is then only established if the client trusts the server and the server trusts the client, based on the information exchanged in both certificates.
Transport Layer Security (TLS)
Network connections between a JEE client and CICS can be secured by the Secure Sockets Layer (SSL) protocol, or the Transport Layer Security (TLS) protocol.
Encryption
https://buysocialpack.net/product/buy-facebook-reviews/is the scientific discipline for the study and development of ciphers, in particular, encryption and decryption algorithms. These cryptographic procedures are the essential components that enable secure communication to take place across networks that are not secure. SSL encryption uses both symmetric and asymmetric keys.
Digital signatures, certificates and key rings
SSL uses digital signatures and digital certificates for establishing a trusted relationship between a sender and a receiver of information sent over a network connection.
Cipher suites
A cipher suite is a set of ciphers (encryption algorithms) used for encrypting sensitive information. SSL uses cipher suites to ensure security and integrity of information transmitted over a network connection. Different cipher suites provide different levels of encryption.
SSL handshake
The following diagram shows what happens during an SSL handshake:
Figure 1. SSL handshake
The client sends a request to the server for a secure session. The server responds by sending its X.509 digital certificate to the client.
The client receives the server's X.509 https://buysocialpack.net/product/buy-google-reviews/
The client authenticates the server, using a list of known certificate authorities.
The client generates a random symmetric key and encrypts it using server's public key.
The client and server now both know the symmetric key and can use the SSL encryption process to encrypt and decrypt the information contained in the client request and the server response.
CICS® Transaction Gateway supports the JSSE implementation of SSL. JSSE as supplied with the Java SDK is the only supported option. For more information, see Security.
Authentication
During server authentication, a connection is only established if the client trusts the server based on the information presented by the server to the client in its certificate.
During client authentication (if activated) the client sends its certificate information to the server. A connection is then only established if the client trusts the server and the server trusts the client, based on the information exchanged in both certificates.
Transport Layer Security (TLS)
Network connections between a JEE client and CICS can be secured by the Secure Sockets Layer (SSL) protocol, or the Transport Layer Security (TLS) protocol.
Encryption
https://buysocialpack.net/product/buy-facebook-reviews/is the scientific discipline for the study and development of ciphers, in particular, encryption and decryption algorithms. These cryptographic procedures are the essential components that enable secure communication to take place across networks that are not secure. SSL encryption uses both symmetric and asymmetric keys.
Digital signatures, certificates and key rings
SSL uses digital signatures and digital certificates for establishing a trusted relationship between a sender and a receiver of information sent over a network connection.
Cipher suites
A cipher suite is a set of ciphers (encryption algorithms) used for encrypting sensitive information. SSL uses cipher suites to ensure security and integrity of information transmitted over a network connection. Different cipher suites provide different levels of encryption.
We are providing all geo country-based https://buysocialpack.net/product/buy-google-reviews/ at a reasonable price.
- TheWitness
- Developer
- Posts: 17047
- Joined: Tue May 14, 2002 5:08 pm
- Location: MI, USA
- Contact:
Re: SSL Connection support for Spine ?
So, that's an interesting explanation for what we already understand should and does happen. The feature is there already as @netniV said.
True understanding begins only when we realize how little we truly understand...
Life is an adventure, let yours begin with Cacti!
Author of dozens of Cacti plugins and customization's. Advocate of LAMP, MariaDB, IBM Spectrum LSF and the world of batch. Creator of IBM Spectrum RTM, author of quite a bit of unpublished work and most of Cacti's bugs.
_________________
Official Cacti Documentation
GitHub Repository with Supported Plugins
Percona Device Packages (no support)
Interesting Device Packages
For those wondering, I'm still here, but lost in the shadows. Yearning for less bugs. Who want's a Cacti 1.3/2.0? Streams anyone?
Life is an adventure, let yours begin with Cacti!
Author of dozens of Cacti plugins and customization's. Advocate of LAMP, MariaDB, IBM Spectrum LSF and the world of batch. Creator of IBM Spectrum RTM, author of quite a bit of unpublished work and most of Cacti's bugs.
_________________
Official Cacti Documentation
GitHub Repository with Supported Plugins
Percona Device Packages (no support)
Interesting Device Packages
For those wondering, I'm still here, but lost in the shadows. Yearning for less bugs. Who want's a Cacti 1.3/2.0? Streams anyone?
Who is online
Users browsing this forum: No registered users and 2 guests