nodece commented on pull request #13740: URL: https://github.com/apache/pulsar/pull/13740#issuecomment-1060321088
> @nodece Please create any new Jetty related classes in `pulsar-broker-common` module instead of `pulsar-common` module. Switch to use package name `org.apache.pulsar.jetty.tls` since these classes are about TLS support in Jetty. We should remove any references to Jetty modules in `pulsar-common` since that is a shared module also used on the client. Jetty shouldn't be pulled in to the client dependencies. Please remove the existing `jetty-util` dependency from `pulsar-common`. /cc @codelipenghui > > These changes should be only done in master branch. For maintenance branches (branch-2.9, branch-2.8), the workaround for the handshake issues on Mac could be to stick to TLSv1.2 protocol and remove TLSv1.3 from configured protocols. In TLSv1.3, the handshake works differently. More details in https://lists.apache.org/thread/30dzw87pxlthg7gops6zfy04pmw7fbt6 . TLSv1.3 also drops support for SHA-1 certificates and will refuse to handshake when certificates are invalid. Thanks for your review, their comments have been fixed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
