Testing to confirm that mTLS works in Vector to Vector connections.

Alice and Bob are mutually authenticated using their own self-signed TLS certificates. A malicious attacker, Mallory, cannot impersonate Alice, nor can they impersonate Bob, if both Alice and Bob set `tls.verify_certificate = true` and set `tls.ca_file` to the other's self-signed certificate.
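
Why pinning `tls.ca_file` to the peer's self-signed certificate shuts Mallory out, as an added example that is not part of this repository: it uses `openssl verify` as a stand-in for the chain check a verifying TLS peer performs. The certificates are throwaway ones constructed by the script, and the function and file names are assumptions.

```shell
#!/bin/sh
# Added example: throwaway certificates constructed here, not the repo's *.pem files.

# Create an unencrypted self-signed certificate and key.
# $1 = output file prefix, $2 = subject common name
make_cert() {
  openssl req -x509 -nodes -newkey rsa:2048 -days 1 -subj "/CN=$2" \
    -keyout "$1-key.pem" -out "$1-cert.pem" 2>/dev/null
}

# Succeed only if the presented certificate validates against the pinned
# trust anchor (the role tls.ca_file plays for the verifying side).
# $1 = pinned CA file, $2 = certificate presented by the peer
peer_accepted() {
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Run the scenario in a scratch directory; prints one verdict per line.
mtls_pinning_demo() (
  dir=$(mktemp -d) || exit 1
  cd "$dir" || exit 1
  # Mallory can copy a subject name but not the matching private key.
  make_cert alice alice && make_cert bob bob &&
    make_cert mallory-as-alice alice && make_cert mallory-as-bob bob || exit 1

  # Bob pins Alice's certificate; Alice pins Bob's.
  peer_accepted alice-cert.pem alice-cert.pem && echo "bob accepts alice"
  peer_accepted bob-cert.pem bob-cert.pem && echo "alice accepts bob"
  peer_accepted alice-cert.pem mallory-as-alice-cert.pem ||
    echo "bob rejects mallory posing as alice"
  peer_accepted bob-cert.pem mallory-as-bob-cert.pem ||
    echo "alice rejects mallory posing as bob"
  cd / && rm -rf "$dir"
)

mtls_pinning_demo
```

This covers only the certificate check. In a real handshake the peer must also prove possession of the matching private key, so presenting a copy of Alice's public certificate does not help Mallory either.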

```shell
docker-compose up -d
docker-compose logs -f
# check out Alice, who produces logs and writes them to Bob
vector top --url http://localhost:8686/graphql
# check out Bob, who receives logs from Alice and writes them to the console
vector top --url http://localhost:8687/graphql
```

Passwords for the `*-key.pem` files:
alice
robert
mallory

To generate certificates without an encrypted key:

```shell
openssl req -nodes -new -x509 -keyout server.key -out server.cert
openssl req -nodes -new -x509 -keyout client.key -out client.cert
```