Hi Kimmo, Yes, the certificate for the Cosmos Token Generator server is self-signed. I¹m aware it should be signed by some CA, nevertheless, AFAIK, there is no CA at FIWARE Lab. Anyway, such a server is just a wrapper for the Identity Manager, the ³official² endpoint for OAuth2 stuff. Regarding https in the WebHDFS/HttpFS interface, it could be enabled, but the problem would be the same: the certificate for this interface would be self-signed as well. In any case, I¹ll ask Identity Manager people. Regards, Francisco El 18/2/16 10:17, "Manuel Escriche (JIRA)" <jira-help-desk at fi-ware.org> escribió: > > [ >https://jira.fiware.org/browse/HELP-5912?page=com.atlassian.jira.plugin.sy >stem.issuetabpanels:all-tabpanel ] > >Manuel Escriche reassigned HELP-5912: >------------------------------------- > > Assignee: Francisco Romero > >> [Fiware-lab-help] OAuth2 authentication issue and httpfs >> -------------------------------------------------------- >> >> Key: HELP-5912 >> URL: https://jira.fiware.org/browse/HELP-5912 >> Project: Help-Desk >> Issue Type: extRequest >> Components: FIWARE-LAB-HELP >> Reporter: FW External User >> Assignee: Francisco Romero >> >> Hello, >> I'm working in a INCENSe project where the aim is to run Big Data >>analysis on a set of customer data. The data should be handled in a >>protected manner. As far as I've understood, the httpfs server on >>cosmos.lab.fiware.org:14000 supports OAuth2 authentication, so so far >>things look good. However, there's an issue with the SSL certificate for >>the Cosmos Tokens Generator on cosmos.lab.fiware.org:13000. The server >>uses a self-signed certificate, making it impossible to verify the >>server's identity. Is this really true? If there's no way to verify the >>OAuth2 server's identity, the authentication is open to >>man-in-the-middle-attack, and thus not suitable for secure data. >> Second question: does the https server on cosmos.lab.fiware.org:14000 >>support https transport? >> Regards, >> Kimmo Surakka >> Since January 1st, old domains won't be supported and messages sent to >>any domain different to @lists.fiware.org will be lost. >> Please, send your messages using the new domain >>(Fiware-lab-help at lists.fiware.org) instead of the old one. >> _______________________________________________ >> Fiware-lab-help mailing list >> Fiware-lab-help at lists.fiware.org >> https://lists.fiware.org/listinfo/fiware-lab-help >> [Created via e-mail received from: Kimmo Surakka >><Kimmo.Surakka at fourdeg.com>] > > > >-- >This message was sent by Atlassian JIRA >(v6.4.1#64016) ________________________________ Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción. The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it. Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy