Jennifer88huang commented on a change in pull request #5091: [doc] Improve
Pulsar Security Encryption
URL: https://github.com/apache/pulsar/pull/5091#discussion_r321193466
##########
File path: site2/docs/security-encryption.md
##########
@@ -26,17 +26,23 @@ Pulsar does not store the encryption key anywhere in the
pulsar service. If you
## Here are the steps to get started:
-1. Create your ECDSA or RSA public/private key pair.
+1. Enter the commands below to create your ECDSA or RSA public and private key
pair.
```shell
openssl ecparam -name secp521r1 -genkey -param_enc explicit -out
test_ecdsa_privkey.pem
openssl ec -in test_ecdsa_privkey.pem -pubout -outform pkcs8 -out
test_ecdsa_pubkey.pem
```
+
2. Add the public and private key to the key management and configure your
producers to retrieve public keys and consumers clients to retrieve private
keys.
-3. Implement CryptoKeyReader::getPublicKey() interface from producer and
CryptoKeyReader::getPrivateKey() interface from consumer, which will be invoked
by Pulsar client to load the key.
+
+3. Implement CryptoKeyReader::getPublicKey() interface from producer and
CryptoKeyReader::getPrivateKey() interface from consumer, which Pulsar client
invokes to load the key.
+
4. Add encryption key to producer configuration:
conf.addEncryptionKey("myapp.key")
-5. Add CryptoKeyReader implementation to producer/consumer config:
conf.setCryptoKeyReader(keyReader)
+
+5. Add CryptoKeyReader implementation to producer or consumer config:
conf.setCryptoKeyReader(keyReader)
Review comment:
do we need to add a period at the end of the sentence?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
