wmccarley commented on a change in pull request #12355:
URL: https://github.com/apache/pulsar/pull/12355#discussion_r747789988
##########
File path:
pulsar-broker-common/src/main/java/org/apache/pulsar/broker/ServiceConfiguration.java
##########
@@ -1074,6 +1074,52 @@
doc = "Specify whether Client certificates are required for TLS
Reject.\n"
+ "the Connection if the Client Certificate is not trusted")
private boolean tlsRequireTrustedClientCertOnConnect = false;
+ @FieldContext(
+ category = CATEGORY_TLS,
+ doc = "Print the entire trust chain for the client's certificate
in\n"
+ + "the application logs when authenticating\n"
+ + "Default value is 0 (off)")
+ private boolean tlsLogEntireCertificateChain = false;
+ @FieldContext(
+ category = CATEGORY_TLS,
+ doc = "If set to a positive non-zero value, the broker will print
a warning in\n"
+ + "the application logs and increment a Prometheus counter if
the client's\n"
+ + "certificate is within this many milliseconds of
expiration.\n"
+ + "Default value is 0 (off)")
+ private long tlsPrintWarnOnClientCertNearingExpirationMillis = 0;
Review comment:
Added negative checks.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
