We have a number of services which will need TLS integration. This issue tracks that integration:
Nexus
Nexus exposes an external server for servicing client requests, as well as an internal server for handling requests from sled agents. Both should exclusively use encrypted traffic.
Agents
Sled Agent, Bootstrap Agent, Oximeter and others (e.g., the to-be-created SP agent, possibly?) employ cross-machine communication, and will need TLS integration to securely communicate.
CockroachDB
For development purposes, we use the --insecure flag when deploying CockroachDB instances. However, in the limit, we should ensure that we can safely deploy Cockroach instances using exclusively encrypted traffic.
Blocked on...
We have a number of services which will need TLS integration. This issue tracks that integration:
Nexus
Nexus exposes an external server for servicing client requests, as well as an internal server for handling requests from sled agents. Both should exclusively use encrypted traffic.
Agents
Sled Agent, Bootstrap Agent, Oximeter and others (e.g., the to-be-created SP agent, possibly?) employ cross-machine communication, and will need TLS integration to securely communicate.
CockroachDB
For development purposes, we use the --insecure flag when deploying CockroachDB instances. However, in the limit, we should ensure that we can safely deploy Cockroach instances using exclusively encrypted traffic.
Blocked on...