[
https://issues.apache.org/jira/browse/ZOOKEEPER-2094?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14304001#comment-14304001
]
Hongchao Deng commented on ZOOKEEPER-2094:
------------------------------------------
I agree with [~fpj]'s idea to split the reconfiguration into a new task. Also
uploaded the patch to RB:
https://reviews.apache.org/r/30576/diff/#
I think the patch adds a "secureClientPort" static config. It would be great to
change that to fit into the dynamic config such as:
{code}
server.x = ip_addr... ; client_port [; SSL_port]
{code}
The new port should be optional. To make the transition smooth, we can use and
test it in this JIRA but throw exception in dynamic change. Then continue the
work in another JIRA.
I still have one more question about the shared ZooKeeperServer object. Maybe
[~fpj] and [~iandi] could share some thoughts.
The patch creates one CnxnFactory per client port. Now we have two sharing the
same ZKS object. Any concurrency concern?
> SSL feature on Netty
> --------------------
>
> Key: ZOOKEEPER-2094
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2094
> Project: ZooKeeper
> Issue Type: Sub-task
> Components: server
> Affects Versions: 3.4.6, 3.5.0
> Reporter: Ian Dimayuga
> Assignee: Ian Dimayuga
> Fix For: 3.5.1, 3.6.0
>
> Attachments: ZOOKEEPER-2094.patch, ZOOKEEPER-2094.patch,
> ZOOKEEPER-2094.patch, ZOOKEEPER-2094.patch, ZOOKEEPER-2094.patch,
> ZOOKEEPER-2094.patch, test.cert, testKeyStore.jks, testTrustStore.jks,
> testUntrustedKeyStore.jks
>
>
> Add SSL handler to Netty pipeline, and a default X509AuthenticationProvider
> to perform authentication.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
