eolivelli commented on a change in pull request #2235: [bookie-server] add
support of client auto cert refresh
URL: https://github.com/apache/bookkeeper/pull/2235#discussion_r363996687
##########
File path:
bookkeeper-server/src/test/java/org/apache/bookkeeper/tls/TestTLS.java
##########
@@ -386,6 +389,67 @@ public void testRefreshDurationForBookieCerts() throws
Exception {
newTlsKeyFile.delete();
}
+ /**
+ * Verify Bookkeeper-client refreshes certs at configured duration.
+ */
+ @Test
+ public void testRefreshDurationForBookkeeperClientCerts() throws Exception
{
+ Assume.assumeTrue(serverKeyStoreFormat == KeyStoreType.PEM);
+
+ ClientConfiguration clientConf = new
ClientConfiguration(baseClientConf);
+ String originalTlsCertFilePath =
baseClientConf.getTLSCertificatePath();
+ String invalidClientCert = getResourcePath("server-cert.pem");
+ File originalTlsCertFile = new File(originalTlsCertFilePath);
+ File newTlsCertFile =
IOUtils.createTempFileAndDeleteOnExit(originalTlsCertFilePath, "refresh");
+ // clean up temp file even if test fails
+ newTlsCertFile.deleteOnExit();
+ File invalidClientCertFile = new File(invalidClientCert);
+ // copy invalid cert to new temp file
+ FileUtils.copyFile(invalidClientCertFile, newTlsCertFile);
+ long refreshDurationInSec = 2;
+ clientConf.setTLSCertFilesRefreshDurationSeconds(1);
+ clientConf.setTLSCertificatePath(newTlsCertFile.getAbsolutePath());
+
+ // create a bookkeeper-client
+ BookKeeper client = new BookKeeper(clientConf);
Review comment:
Can we close this handle in a try-with-resources block? (Maybe fixing other
cases in this file?)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
