exceptionfactory commented on a change in pull request #4594:
URL: https://github.com/apache/nifi/pull/4594#discussion_r503322190
##########
File path:
nifi-nar-bundles/nifi-cdc/nifi-cdc-mysql-bundle/nifi-cdc-mysql-processors/src/main/java/org/apache/nifi/cdc/mysql/processors/CaptureChangeMySQL.java
##########
@@ -738,6 +801,13 @@ protected void connect(List<InetSocketAddress> hosts,
String username, String pa
binlogClient.setServerId(serverId);
}
+ binlogClient.setSSLMode(sslMode);
+ if (sslContextService != null) {
+ final SSLContext sslContext =
sslContextService.createSSLContext(ClientAuth.NONE);
Review comment:
Since the ClientAuth options influence the values of setNeedClientAuth()
and setWantClientAuth() on the default SSLParameters, the value of ClientAuth
is effectively ignored when the SSL Socket is acting in client mode, as in the
case of the Binary Log client. In this PR, with multiple options for SSLMode,
passing ClientAuth.NONE seemed to be the most intuitive default option, since
SSLMode.PREFERRED does not mandate an SSL connection.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
