search

pegasystems / docker-pega-web-ready

Docker project for generating a tomcat docker image for Pega
Apache License 2.0
56 stars 101 forks source link

US-624029 : SSL and NIST SP 800-53 and NIST SP 800-131 support for Clustering Service #221

Open vnihal72 opened 1 month ago

vnihal72 commented 1 month ago

US-624029 : SSL and NIST SP 800-53 and NIST SP 800-131 support for Clustering Service

kingakowalska1 commented 1 month ago

Hi Vihal, Here are my suggestions for the readme:

Line 219: HZ_SSL_ENABLED | Flag to enable SSL between Hazelcast and Infinity | false HZ_SSL_PROTOCOL | To set SSL protocol | HZ_SSL_CUSTOM_CLASS | SSL context factory class fully qualified name | com.pega.hazelcast.v5.nio.ssl.BasicSSLContextFactory HZ_SSL_KEY_STORE_NAME | SSL keystore name | HZ_SSL_KEYSTORE_PASSWORD | SSL keystore password | HZ_SSL_ALGO | SSL algorithm name | HZ_SSL_TRUST_STORE_NAME | SSL truststore name | HZ_SSL_TRUSTSTORE_PASSWORD | SSL truststore password | HIGHLY_SECURE_CRYPTO_MODE_ENABLED | Flag to enable Higly secured connection complying NIST SP 800-53 and NIST SP 800-131 | false

To:

HZ_SSL_ENABLED | Set to true to enable SSL between the Clustering Service and Pega Platform. | false HZ_SSL_PROTOCOL | The SSL protocol for the Clustering Service. For example, TLS. | HZ_SSL_CUSTOM_CLASS | SSL context factory class fully qualified name | com.pega.hazelcast.v5.nio.ssl.BasicSSLContextFactory HZ_SSL_KEY_STORE_NAME | SSL keystore name | HZ_SSL_KEYSTORE_PASSWORD | SSL keystore password | HZ_SSL_ALGO | SSL algorithm name | HZ_SSL_TRUST_STORE_NAME | SSL truststore name | HZ_SSL_TRUSTSTORE_PASSWORD | SSL truststore password | HIGHLY_SECURE_CRYPTO_MODE_ENABLED | Set to true to enable highly secure encryption mode that complies with NIST SP 800-53 and NIST SP 800-131. | false

Thanks! Kinga

vnihal72 commented 2 weeks ago

Hi Vihal, Here are my suggestions for the readme:

Line 219: HZ_SSL_ENABLED | Flag to enable SSL between Hazelcast and Infinity | false HZ_SSL_PROTOCOL | To set SSL protocol | HZ_SSL_CUSTOM_CLASS | SSL context factory class fully qualified name | com.pega.hazelcast.v5.nio.ssl.BasicSSLContextFactory HZ_SSL_KEY_STORE_NAME | SSL keystore name | HZ_SSL_KEYSTORE_PASSWORD | SSL keystore password | HZ_SSL_ALGO | SSL algorithm name | HZ_SSL_TRUST_STORE_NAME | SSL truststore name | HZ_SSL_TRUSTSTORE_PASSWORD | SSL truststore password | HIGHLY_SECURE_CRYPTO_MODE_ENABLED | Flag to enable Higly secured connection complying NIST SP 800-53 and NIST SP 800-131 | false

To:

HZ_SSL_ENABLED | Set to true to enable SSL between the Clustering Service and Pega Platform. | false HZ_SSL_PROTOCOL | The SSL protocol for the Clustering Service. For example, TLS. | HZ_SSL_CUSTOM_CLASS | SSL context factory class fully qualified name | com.pega.hazelcast.v5.nio.ssl.BasicSSLContextFactory HZ_SSL_KEY_STORE_NAME | SSL keystore name | HZ_SSL_KEYSTORE_PASSWORD | SSL keystore password | HZ_SSL_ALGO | SSL algorithm name | HZ_SSL_TRUST_STORE_NAME | SSL truststore name | HZ_SSL_TRUSTSTORE_PASSWORD | SSL truststore password | HIGHLY_SECURE_CRYPTO_MODE_ENABLED | Set to true to enable highly secure encryption mode that complies with NIST SP 800-53 and NIST SP 800-131. | false

Thanks! Kinga

Hi @kingakowalska1 ,

Above recommended changes are made, please approve the PR.

Thanks, Nihal

pega-chikv commented 12 hours ago

@taz-pega-work can you provide your approval?