Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-6238

Proxy profile: still allows to use rsConnectionSecurity:none whilst use-mutual-tls is true

    Details

    • Type: Bug
    • Status: Done
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 7.0.0
    • Fix Version/s: 7.0.0
    • Component/s: proxy, setup
    • Labels:

      Description

      Found with rev 054825e4d76

      With the ds-proxy-profile, the use-mutual-tls is set to true by default.
      Setting up this profile should forbid to use rsConnectionSecurity:none

      ./PROXY1/opendj/setup --profile ds-proxy-server  --set ds-proxy-server/rsConnectionSecurity:none* --set ds-proxy-server/replicationServers:"nameserver.example.com:4448" --set ds-proxy-server/primaryGroupId:"1" --set ds-proxy-server/rsBindDn:"uid=admin" --set ds-proxy-server/rsBindPassword:"password" --set ds-proxy-server/proxyUserBindPassword:"password" --trustAll  -h nameserver.example.com -p 1392 -D "uid=admin" -w password --adminConnectorPort 4447 --monitorUserDn "uid=Monitor" --monitorUserPassword password  -O 
      
      Validating parameters..... Done
      Configuring certificates..... Done
      Configuring server..... Done
      Configuring profile DS proxy server..... Done
      
      To see basic server status and configuration, you can launch
      /local/GIT/pyforge/results/20190426-161811/proxy_group/ReplicationDiscovery/PROXY1/opendj/bin/status
      
      

      To reproduce and have all the servers set up and configured, you can use:

      ./run-pybot.py -n -v -s proxy_group.ReplicationDiscovery -t Verify_Preferred_Group_Id_Is_Chosen opendj
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                cedric.tran-xuan Cedric Tran-Xuan
                Reporter:
                cforel carole forel
                QA Assignee:
                Michal Severin
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: