XComp commented on code in PR #23961:
URL: https://github.com/apache/flink/pull/23961#discussion_r1433172828
##########
flink-end-to-end-tests/test-scripts/common_ssl.sh:
##########
@@ -67,8 +67,15 @@ function _set_conf_ssl_helper {
keytool -importcert -keystore "${ssl_dir}/node.keystore" -storepass
${password} -file "${ssl_dir}/ca.cer" -alias ca -noprompt
keytool -importcert -keystore "${ssl_dir}/node.keystore" -storepass
${password} -file "${ssl_dir}/node.cer" -alias node -noprompt
+ local additional_params
+ additional_params=""
+ if [[ "$(openssl version)" =~ OpenSSL\ 3 ]]; then
Review Comment:
I was wondering that as well. But I thought that we would have to revisit
the issue anyway, if OpenSSL 4 comes out. I would assume that the legacy
algorithms might be gone by then. :thinking:
But thinking about it once more - you might be right: It would fall back to
having no parameter which is probably also not what we want. I'm gonna change
it to using `-legacy` also for versions 4.x+. Either `-legacy` works also then
or it would fail because of an unknown parameter error which is more explicit.
:+1:
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
