You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/modules/zookeeper/pages/usage_guide/configuration_environment_overrides.adoc
+17Lines changed: 17 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -37,6 +37,23 @@ servers:
37
37
replicas: 1
38
38
----
39
39
40
+
==== Turn off quorum hostname verification
41
+
42
+
In the past we have noticed problems with mutual TLS in quorums, notably with the hostname verification.
43
+
We reported the problems upstream in https://issues.apache.org/jira/browse/ZOOKEEPER-4790[ZOOKEEPER-4790].
44
+
45
+
A workaround - until the problem is fixed - is to turn of hostname verification for the quorum.
46
+
47
+
WARNING: This imposes a security risk, so we don't disable the check default.
48
+
49
+
[source,yaml]
50
+
----
51
+
servers:
52
+
configOverrides:
53
+
zoo.cfg:
54
+
ssl.quorum.hostnameVerification: "false"
55
+
----
56
+
40
57
All property values must be strings.
41
58
42
59
For a full list of configuration options we refer to the Apache ZooKeeper https://zookeeper.apache.org/doc/r3.9.2/zookeeperAdmin.html#sc_configuration[Configuration Reference].
0 commit comments