如何使用 SSL 支持配置 akkacluster
How to configure akkacluster using SSL support
我正在为我的游戏框架项目寻找使用 akka 的集群设置。我想知道如何支持可插入的 SSL 传输支持。我在看
http://doc.akka.io/docs/akka/snapshot/scala/remoting.html 累了一些配置。
这是我的示例配置:
akka {
loglevel = ERROR
actor.provider = "akka.cluster.ClusterActorRefProvider"
remote {
enabled-transports = ["akka.remote.netty.tcp"]
enabled-transports = [akka.remote.netty.ssl]
netty.ssl.tcp {
hostname = "127.0.0.1"
enable-ssl = true
}
netty.ssl.security {
key-store = "mykeystore"
trust-store = "mytruststore"
key-store-password = "changeme"
key-password = "changeme"
trust-store-password = "changeme"
protocol = "TLSv1"
random-number-generator = "AES128CounterSecureRNG"
enabled-algorithms = [TLS_RSA_WITH_AES_128_CBC_SHA]
}
}
cluster {
auto-down = on
akka.cluster.auto-down-unreachable-after = 5s
}
}
我这样启动服务器:
activator -Dnode.id=1 -Dhttp.port=9000 -Dakka.remote.netty.tcp.port=2551 -Dakka.cluster.seed-nodes.0="akka.ssl.tcp://application@127.0.0.1:2551" run
我不确定我还缺少什么。当我的会员处于 UP
时,我看不到我的活动
我参考了以下实现:
https://github.com/zarinfam/play-akka-cluster-pub-sub
求推荐。
我使用以下 configuration.Also 生成了以下正确的证书:http://docs.oracle.com/cd/E19528-01/819-4733/6n6s6u1gl/index.html
另请注意:您需要设置密钥库和信任库,定义要使用的 SSL/TLS 版本并设置启用的算法。这些设置直接对应于 JSSE 配置,记录在此处:http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/JSSERefGuide.html
这是我的配置:
akka {
log-dead-letters = on
loglevel = INFO
actor.provider = "akka.cluster.ClusterActorRefProvider"
remote {
#enabled-transports = ["akka.remote.netty.tcp"]
enabled-transports = [akka.remote.netty.ssl]
log-remote-lifecycle-events =on
netty.tcp {
hostname = "core06"
enable-ssl = true
}
netty.ssl = ${akka.remote.netty.tcp}
netty.ssl = {
# Enable SSL/TLS encryption.
# This must be enabled on both the client and server to work.
enable-ssl = true
security {
# This is the Java Key Store used by the server connection
key-store = "keystore.jks"
# This password is used for decrypting the key store
key-store-password = "changeit"
# This password is used for decrypting the key
key-password = "changeit"
# This is the Java Key Store used by the client connection
trust-store = "cacerts.jks"
# This password is used for decrypting the trust store
trust-store-password = "changeit"
# Protocol to use for SSL encryption, choose from:
# Java 6 & 7:
# 'SSLv3', 'TLSv1'
# Java 7:
# 'TLSv1.1', 'TLSv1.2'
protocol = "TLSv1"
# Example: ["TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA"]
# You need to install the JCE Unlimited Strength Jurisdiction Policy
# Files to use AES 256.
# More info here:
# http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunJCEProvider
enabled-algorithms = ["TLS_RSA_WITH_AES_128_CBC_SHA"]
random-number-generator = "AES128CounterSecureRNG"
}
}
}
cluster {
seed-nodes = [
"akka.ssl.tcp://application@core06:2551",
"akka.ssl.tcp://application@core06:2552"
]
#auto-down = on
auto-down-unreachable-after = 5s
}
}
希望这对以后的任何人都有帮助。
干杯!
我正在为我的游戏框架项目寻找使用 akka 的集群设置。我想知道如何支持可插入的 SSL 传输支持。我在看 http://doc.akka.io/docs/akka/snapshot/scala/remoting.html 累了一些配置。
这是我的示例配置:
akka {
loglevel = ERROR
actor.provider = "akka.cluster.ClusterActorRefProvider"
remote {
enabled-transports = ["akka.remote.netty.tcp"]
enabled-transports = [akka.remote.netty.ssl]
netty.ssl.tcp {
hostname = "127.0.0.1"
enable-ssl = true
}
netty.ssl.security {
key-store = "mykeystore"
trust-store = "mytruststore"
key-store-password = "changeme"
key-password = "changeme"
trust-store-password = "changeme"
protocol = "TLSv1"
random-number-generator = "AES128CounterSecureRNG"
enabled-algorithms = [TLS_RSA_WITH_AES_128_CBC_SHA]
}
}
cluster {
auto-down = on
akka.cluster.auto-down-unreachable-after = 5s
}
}
我这样启动服务器:
activator -Dnode.id=1 -Dhttp.port=9000 -Dakka.remote.netty.tcp.port=2551 -Dakka.cluster.seed-nodes.0="akka.ssl.tcp://application@127.0.0.1:2551" run
我不确定我还缺少什么。当我的会员处于 UP
时,我看不到我的活动我参考了以下实现: https://github.com/zarinfam/play-akka-cluster-pub-sub
求推荐。
我使用以下 configuration.Also 生成了以下正确的证书:http://docs.oracle.com/cd/E19528-01/819-4733/6n6s6u1gl/index.html 另请注意:您需要设置密钥库和信任库,定义要使用的 SSL/TLS 版本并设置启用的算法。这些设置直接对应于 JSSE 配置,记录在此处:http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/JSSERefGuide.html
这是我的配置:
akka {
log-dead-letters = on
loglevel = INFO
actor.provider = "akka.cluster.ClusterActorRefProvider"
remote {
#enabled-transports = ["akka.remote.netty.tcp"]
enabled-transports = [akka.remote.netty.ssl]
log-remote-lifecycle-events =on
netty.tcp {
hostname = "core06"
enable-ssl = true
}
netty.ssl = ${akka.remote.netty.tcp}
netty.ssl = {
# Enable SSL/TLS encryption.
# This must be enabled on both the client and server to work.
enable-ssl = true
security {
# This is the Java Key Store used by the server connection
key-store = "keystore.jks"
# This password is used for decrypting the key store
key-store-password = "changeit"
# This password is used for decrypting the key
key-password = "changeit"
# This is the Java Key Store used by the client connection
trust-store = "cacerts.jks"
# This password is used for decrypting the trust store
trust-store-password = "changeit"
# Protocol to use for SSL encryption, choose from:
# Java 6 & 7:
# 'SSLv3', 'TLSv1'
# Java 7:
# 'TLSv1.1', 'TLSv1.2'
protocol = "TLSv1"
# Example: ["TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA"]
# You need to install the JCE Unlimited Strength Jurisdiction Policy
# Files to use AES 256.
# More info here:
# http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunJCEProvider
enabled-algorithms = ["TLS_RSA_WITH_AES_128_CBC_SHA"]
random-number-generator = "AES128CounterSecureRNG"
}
}
}
cluster {
seed-nodes = [
"akka.ssl.tcp://application@core06:2551",
"akka.ssl.tcp://application@core06:2552"
]
#auto-down = on
auto-down-unreachable-after = 5s
}
}
希望这对以后的任何人都有帮助。
干杯!