This is an automated email from the ASF dual-hosted git repository.
xiangfu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pinot.git
The following commit(s) were added to refs/heads/master by this push:
new 57364b11e8b Option to use TlsUtils renewable ssl context in
HttpsSegmentFetcher (#17315)
57364b11e8b is described below
commit 57364b11e8b66b4084e22fd69f7071b973d4e318
Author: Alex Maniates <[email protected]>
AuthorDate: Fri Dec 5 16:50:28 2025 -0500
Option to use TlsUtils renewable ssl context in HttpsSegmentFetcher (#17315)
Signed-off-by: Alex Maniates <[email protected]>
---
.../apache/pinot/common/utils/fetcher/HttpsSegmentFetcher.java | 8 +++++++-
.../src/main/java/org/apache/pinot/spi/utils/CommonConstants.java | 1 +
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git
a/pinot-common/src/main/java/org/apache/pinot/common/utils/fetcher/HttpsSegmentFetcher.java
b/pinot-common/src/main/java/org/apache/pinot/common/utils/fetcher/HttpsSegmentFetcher.java
index e6b08532a79..a9a68f19e49 100644
---
a/pinot-common/src/main/java/org/apache/pinot/common/utils/fetcher/HttpsSegmentFetcher.java
+++
b/pinot-common/src/main/java/org/apache/pinot/common/utils/fetcher/HttpsSegmentFetcher.java
@@ -23,6 +23,7 @@ import javax.net.ssl.SSLContext;
import org.apache.pinot.common.utils.ClientSSLContextGenerator;
import org.apache.pinot.common.utils.FileUploadDownloadClient;
import org.apache.pinot.common.utils.http.HttpClientConfig;
+import org.apache.pinot.common.utils.tls.TlsUtils;
import org.apache.pinot.spi.env.PinotConfiguration;
import org.apache.pinot.spi.utils.CommonConstants;
@@ -69,7 +70,12 @@ public class HttpsSegmentFetcher extends HttpSegmentFetcher {
}
}
- SSLContext sslContext = new
ClientSSLContextGenerator(sslConfig).generate();
+ SSLContext sslContext;
+ if
(config.getProperty(CommonConstants.CONFIG_OF_SSL_USE_RENEWABLE_CONTEXT,
false)) {
+ sslContext = TlsUtils.getSslContext();
+ } else {
+ sslContext = new ClientSSLContextGenerator(sslConfig).generate();
+ }
_httpClient = new
FileUploadDownloadClient(HttpClientConfig.newBuilder(config).build(),
sslContext);
super.doInit(config);
}
diff --git
a/pinot-spi/src/main/java/org/apache/pinot/spi/utils/CommonConstants.java
b/pinot-spi/src/main/java/org/apache/pinot/spi/utils/CommonConstants.java
index e2fed853b9d..f4f1d4e957e 100644
--- a/pinot-spi/src/main/java/org/apache/pinot/spi/utils/CommonConstants.java
+++ b/pinot-spi/src/main/java/org/apache/pinot/spi/utils/CommonConstants.java
@@ -36,6 +36,7 @@ public class CommonConstants {
public static final String DEFAULT_FAILURE_DOMAIN = "No such domain";
public static final String PREFIX_OF_SSL_SUBSET = "ssl";
+ public static final String CONFIG_OF_SSL_USE_RENEWABLE_CONTEXT =
"ssl.use.renewable.context";
public static final String HTTP_PROTOCOL = "http";
public static final String HTTPS_PROTOCOL = "https";
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
