This is an automated email from the ASF dual-hosted git repository. spmallette pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tinkerpop.git
commit c2397d2ae861795cb8b9e9f19a5b412290d7bb3d Author: Stephen Mallette <[email protected]> AuthorDate: Tue Aug 24 13:16:48 2021 -0400 Clarified docs around the default certs installed if a TrustManager isn't specified to the gremlin-driver CTR --- docs/src/reference/gremlin-applications.asciidoc | 2 +- .../main/java/org/apache/tinkerpop/gremlin/driver/Cluster.java | 9 ++++++--- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/docs/src/reference/gremlin-applications.asciidoc b/docs/src/reference/gremlin-applications.asciidoc index ad95ff5..ffce0c0 100644 --- a/docs/src/reference/gremlin-applications.asciidoc +++ b/docs/src/reference/gremlin-applications.asciidoc @@ -1018,7 +1018,7 @@ The following table describes the various YAML configuration options that Gremli |ssl.needClientAuth | Optional. One of NONE, REQUIRE. Enables client certificate authentication at the enforcement level specified. Can be used in combination with Authenticator. |_none_ |ssl.sslCipherSuites |The list of JSSE ciphers to support for SSL connections. If specified, only the ciphers that are listed and supported will be enabled. If not specified, the JVM default is used. |_none_ |ssl.sslEnabledProtocols |The list of SSL protocols to support for SSL connections. If specified, only the protocols that are listed and supported will be enabled. If not specified, the JVM default is used. |_none_ -|ssl.trustStore |Required when needClientAuth is REQUIRE. Trusted certificates for verifying the remote endpoint's certificate. If this value is not provided and SSL is enabled, the default `TrustManager` will be used. |_none_ +|ssl.trustStore |Required when needClientAuth is REQUIRE. Trusted certificates for verifying the remote endpoint's certificate. If this value is not provided and SSL is enabled, the default `TrustManager` will be used, which will have a set of common public certificates installed to it. |_none_ |ssl.trustStorePassword |The password of the `trustStore` if it is password-protected |_none_ |strictTransactionManagement |Set to `true` to require `aliases` to be submitted on every requests, where the `aliases` become the scope of transaction management. |false |threadPoolBoss |The number of threads available to Gremlin Server for accepting connections. Should always be set to `1`. |1 diff --git a/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Cluster.java b/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Cluster.java index d08c89c..eaa5e99 100644 --- a/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Cluster.java +++ b/gremlin-driver/src/main/java/org/apache/tinkerpop/gremlin/driver/Cluster.java @@ -713,8 +713,10 @@ public final class Cluster { } /** - * File location for a SSL Certificate Chain to use when SSL is enabled. If this value is not provided and - * SSL is enabled, the default {@link TrustManager} will be used. + * File location for a SSL Certificate Chain to use when SSL is enabled. If this value is not provided (or + * is set to {@code null} and SSL is enabled, the default {@code TrustManager} will be used, which will have + * a set of common public certificates installed to it. + * * @deprecated As of release 3.2.10, replaced by {@link #trustStore} */ @Deprecated @@ -781,7 +783,8 @@ public final class Cluster { /** * The file location for a SSL Certificate Chain to use when SSL is enabled. If - * this value is not provided and SSL is enabled, the default {@link TrustManager} will be used. + * this value is not provided and SSL is enabled, the default {@code TrustManager} will be used, which will + * have a set of common public certificates installed to it. */ public Builder trustStore(final String trustStore) { this.trustStore = trustStore;
