nodece opened a new pull request, #19485: URL: https://github.com/apache/pulsar/pull/19485
Fixes #19480 ### Motivation In the old version, if the user wants to use the TLS transport, the user must use the `AuthenticationTls`. In Pulsar 2.11, I submitted #15634, and #16833 to split the TLS transport from the `Authentication`, the user can set the TLS transport with any `Authentication`. During the improvement, I did not pass the KeyStore config to `NettySSLContextAutoRefreshBuilder` in the `DirectProxyHandler`, and did not improve the order in which the KeyStore is loaded, so the proxy cannot work fine. ### Modifications - Improve the load of the KeyStore, `authData.getTlsKeyStoreParams()` take precedence over the config file - Pass the KeyStore config to `NettySSLContextAutoRefreshBuilder` ### Verifying this change - [x] Make sure that the change passes the CI checks. Added the `ProxyKeyStoreTlsTransportTest` to cover this change. ### Documentation <!-- DO NOT REMOVE THIS SECTION. CHECK THE PROPER BOX ONLY. --> - [ ] `doc` <!-- Your PR contains doc changes. --> - [ ] `doc-required` <!-- Your PR changes impact docs and you will update later --> - [x] `doc-not-needed` <!-- Your PR changes do not impact docs --> - [ ] `doc-complete` <!-- Docs have been already added --> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
