[jira] [Commented] (SCB-342) [pack] secure gRPC transport

Thu, 03 May 2018 01:21:13 -0700 

    [ 
https://issues.apache.org/jira/browse/SCB-342?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16462093#comment-16462093
 ] 

ASF GitHub Bot commented on SCB-342:
------------------------------------

yangbor commented on a change in pull request #181: [SCB-342] Add TLS support 
for gRPC
URL: 
https://github.com/apache/incubator-servicecomb-saga/pull/181#discussion_r185724160
 
 

 ##########
 File path: 
alpha/alpha-server/src/test/java/org/apache/servicecomb/saga/alpha/server/AlphaIntegrationTest.java
 ##########
 @@ -134,6 +150,23 @@
   private final CompensationStreamObserver compensateResponseObserver = new 
CompensationStreamObserver(
       this::onCompensation);
 
+  private static SslContext getSslContext(){
+    ClassLoader classLoader = AlphaIntegrationTest.class.getClassLoader();
+    SslContext sslContext = null;
+    try {
+      sslContext = GrpcSslContexts.forClient().sslProvider(SslProvider.OPENSSL)
+          .protocols("TLSv1.2","TLSv1.1")
+          .ciphers(Arrays.asList("ECDHE-RSA-AES128-GCM-SHA256",
+              "ECDHE-RSA-AES256-GCM-SHA384",
+              "ECDHE-ECDSA-AES128-SHA256"))
+          .trustManager(new File(classLoader.getResource("ca.crt").getFile()))
 
 Review comment:
   Yes I have thought about this. But as the connection is only used by 
alpha/omega communication, adding protocol/cipher configuration creates 
unnecessary burden for end-users. I'll figure out a better way to do this.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[email protected]


> [pack] secure gRPC transport
> ----------------------------
>
>                 Key: SCB-342
>                 URL: https://issues.apache.org/jira/browse/SCB-342
>             Project: Apache ServiceComb
>          Issue Type: New Feature
>          Components: Saga
>    Affects Versions: saga-0.2.0
>            Reporter: Eric Lee
>            Assignee: Yang Bo
>            Priority: Major
>
> As a user, I want to secure the transport between alpha and omega. 
> Configurations of security should be visible to developers.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to