[jira] [Commented] (LOG4J2-2072) Support TLS configuration through FlumeAppender

Thu, 09 Nov 2017 09:34:45 -0800 

    [ 
https://issues.apache.org/jira/browse/LOG4J2-2072?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16246119#comment-16246119
 ] 

Frank Swanson commented on LOG4J2-2072:
---------------------------------------

Thank you for the links, Much appreciated. I think this does make sense for the 
product as it evolves. While I understand and absolutely agree with the desire 
to update the interface. That is not related to the issue that this ticket 
exposes which is that this tool does not support SSL therefore rendering this 
essentially unusable in production. This issue is easily resolved with the 
approach mentioned in my initial statement. 

Given all these valid points, I think what makes the most sense and is 
something I would be willing to do is: open a ticket to update the interface 
and also take that ticket on once we have completed getting the tool with its 
current interface to able to work with ssl simply by passing the properties 
through and proving this works with unit tests similar to what is there today 
in the non-ssl context.

> Support TLS configuration through FlumeAppender
> -----------------------------------------------
>
>                 Key: LOG4J2-2072
>                 URL: https://issues.apache.org/jira/browse/LOG4J2-2072
>             Project: Log4j 2
>          Issue Type: Bug
>          Components: Flume Appender
>    Affects Versions: 2.9.1
>            Reporter: Frank Swanson
>
> When using the FlumeAppnder with a FlumeAvroManager it would be nice to be 
> able to pass some properties through to the connect method for the RpcClient 
> to support SSL configuration.
> The required properties to support the configuration are ~
>             properties[0] = 
> Property.createProperty(RpcClientConfigurationConstants.CONFIG_TRUST_ALL_CERTS,
>  "false");
>             properties[1] = 
> Property.createProperty(RpcClientConfigurationConstants.CONFIG_SSL, "true");
>             properties[2] = 
> Property.createProperty(RpcClientConfigurationConstants.CONFIG_TRUSTSTORE, 
> path_to_truststore);
>             properties[3] = 
> Property.createProperty(RpcClientConfigurationConstants.CONFIG_TRUSTSTORE_PASSWORD,
>  super_secret);
>             properties[4] = 
> Property.createProperty(RpcClientConfigurationConstants.CONFIG_TRUSTSTORE_TYPE,
>  "JKS");
> I am happy to provide a PR for this feature if supported. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to