[
https://issues.apache.org/jira/browse/CALCITE-2285?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16497154#comment-16497154
]
Karan Mehta commented on CALCITE-2285:
--------------------------------------
Jetty offers client/server classes which allow dynamic reloading of
{{SslContextFactory}} when ever new certificates are loaded, especially for
short lived certificates. Avatica Client depends on Apache HttpClient lib,
which doesn't offer that feature. Long running Java clients can potentially run
into issues with this.
Any thoughts/ideas? [~alexaraujo] [~risdenk]
I am currently looking into other potential ideas and will post soon.
> Support client cert keystore for Avatica Client
> -----------------------------------------------
>
> Key: CALCITE-2285
> URL: https://issues.apache.org/jira/browse/CALCITE-2285
> Project: Calcite
> Issue Type: Improvement
> Components: avatica
> Reporter: Karan Mehta
> Assignee: Karan Mehta
> Priority: Major
>
> Currently Avatica only supports adding trust-store in {{SSLContext}} in all
> {{AvaticaHttpClient}} implementations. If keystore support it added, MTLS
> connections can be established as well.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
