Setup ScyllaDB with mTLS for node to node communication #2434

Open
@mflendrich

Description

Issue originally authored by tnozicka as #1217

Is this a bug report or feature request?

  • Feature Request

What should the feature do:
We need to set up ScyllaDB with node-to-node mTLS to make sure the node communication on our shared platform is encrypted and authenticated.

This also prevents nodes from accidentally joining a different cluster, which can happen when there is no authentication and IPs are eventually reused (if the DC name matches).

We should enable node-to-node encryption by default and only have a fallback option to use the insecure one instead.

https://docs.scylladb.com/stable/operating-scylla/security/node-node-encryption.html
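
For reference, the requested setup as a `scylla.yaml` fragment. This is an added example, not part of the original issue or of the operator's code. The file paths are placeholder assumptions, and the use of a CA dedicated to one cluster is an assumption that reflects the cluster-isolation point above.

```yaml
# scylla.yaml fragment (constructed example; all file paths are placeholders)

# Insecure fallback: inter-node traffic is neither encrypted nor authenticated,
# so any node that reaches a reused IP can take part in gossip.
# server_encryption_options:
#     internode_encryption: none

# Node-to-node mTLS: every node presents a certificate and verifies its peer's.
server_encryption_options:
    # Encrypt all inter-node traffic (other accepted values: none, rack, dc).
    internode_encryption: all
    # This node's PEM-encoded certificate and private key.
    certificate: /etc/scylla/certs/node.crt
    keyfile: /etc/scylla/certs/node.key
    # PEM-encoded CA bundle used to verify peers. Assumption: the CA is issued
    # per cluster, so a node holding a certificate from another cluster's CA
    # fails the handshake even when the IP and DC name match.
    truststore: /etc/scylla/certs/cluster-ca.crt
    # Require the connecting node to present a certificate that chains to the
    # truststore; without this only the accepting side is authenticated.
    require_client_auth: true
```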

Metadata

Labels

  • kind/epic: Categorizes issue as an epic.
  • lifecycle/from-migration: Indicates that this issue is a copy of a corresponding issue mentioned in the description.
  • priority/important-soon: Must be staffed and worked on either currently, or very soon, ideally in time for the next release.
  • triage/accepted: Indicates an issue or PR is ready to be actively worked on.