mcvsubbu commented on a change in pull request #3675: Sslbranch
URL: https://github.com/apache/incubator-pinot/pull/3675#discussion_r288681355
##########
File path:
pinot-broker/src/main/java/com/linkedin/pinot/broker/broker/BrokerAdminApiApplication.java
##########
@@ -57,10 +65,30 @@ protected void configure() {
registerClasses(io.swagger.jaxrs.listing.SwaggerSerializers.class);
}
+ public void setSSLConfigs(String keyStoreFile, String keyStorePass, String
trustStoreFile, String trustStorePass) {
+ _useHTTPS = true;
+ _keyStoreFile = keyStoreFile;
+ _keyStorePass = keyStorePass;
+ _trustStoreFile = trustStoreFile;
+ _trustStorePass = trustStorePass;
+ }
+
public void start(int httpPort) {
Preconditions.checkArgument(httpPort > 0);
- _baseUri = URI.create("http://0.0.0.0:"; + httpPort + "/");
- _httpServer = GrizzlyHttpServerFactory.createHttpServer(_baseUri, this);
+
+ if (_useHTTPS) {
Review comment:
If I am reading this right, we start one server that serves _either_ https
_or_ http. How will existing installations migrate to the new broker? Should we
not be starting _both_ http and https servers, so that the PQL clients can
first move to https, and then the brokers can be configured to serve https
only? So we need an http as well as https port.
The start() method must be maintained backward compatibile, so one way to do
this is to introduce a new method that provides two ports. We may deprecate
the existing method or just retain it, just not starting https if it is called.
Correct me if I am wrong.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
