|Configuring Security / Configuring Network Encryption and Authentication with SSL/TLS|
When you start a GemFire XD member, you enaable SSL for client conenctions with the system property gemfirexd.drda.sslMode (default off).
When the SSL mode is set to basic, the server only accepts SSL encrypted connections from clients.
The system properties javax.net.ssl.keyStore and javax.net.ssl.keyStorePassword need to be set with the proper values for the server.
gfxd server start -J-Djavax.net.ssl.keyStore=serverKeyStore.key \ -J-Djavax.net.ssl.keyStorePassword=qwerty \ -J-Dgemfirexd.drda.sslMode=basic
When the server's SSL mode is set to peerAuthentication, the server authenticates its clients' identity in addition to encrypting network traffic. In this situation, the server's trust store must contain a certificate for each client which will connect.
The javax.net.ssl.trustStore and javax.net.ssl.trustStorePassword need to be set in addition to the properties above.
gfxd server start -J-Djavax.net.ssl.keyStore=serverKeyStore.key \ -J-Djavax.net.ssl.keyStorePassword=qwerty \ -J-Djavax.net.ssl.trustStore=serverTrustStore.key \ -J-Djavax.net.ssl.trustStorePassword=qwerty \ -J-Dgemfirexd.drda.sslMode=peerAuthentication