Gowrima commented on PR #2209:
URL: https://github.com/apache/zookeeper/pull/2209#issuecomment-2465816255

   void testReadOnlyWithSSL() {
           startReadOnly();
   
           watchctx_t watch;
           zhandle_t* zh = connectReadOnlySSL("localhost:22281",
                                              "/tmp/certs/server.crt,/tmp/certs/client.crt,/tmp/certs/clientkey.pem,password",
                                              &watch);
   
   certstr = "/tmp/certs/server.crt,/tmp/certs/client.crt,/tmp/certs/clientkey.pem,password"
   
   server.crt is the public key stored in zcert.ca, client.crt is the private 
key stored in zcert.cert, followed by zcert.key and zcert.password storing the 
client key and password.
   
   With the suggested change, both zcert.certstr and zcert.ca will point to 
'server.crt', as follows,
   
   certstr = /tmp/certs/server.crt
   ca = /tmp/certs/server.crt
   cert = /tmp/certs/client.crt
   key = /tmp/certs/clientkey.pem
   password = password
   
   We should either completely remove certstr from struct zcert_t or keep it to 
store the SSL parameters. I strongly recommend keeping the existing 
implementation to store the original SSL parameters.
   


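The field mapping described in the comment above, as an added example that is not part of the original comment or of ZooKeeper's code: a parser that splits the comma-separated parameter string into ca, cert, key and password while keeping the original string in certstr. The struct `example_cert_t` and both functions are hypothetical, and treating everything after the third comma as the password is an assumption.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical struct for this example, not ZooKeeper's zcert_t definition. */
typedef struct {
    char *certstr;                      /* original parameter string, verbatim */
    char *ca, *cert, *key, *password;   /* the four parsed fields */
} example_cert_t;

/* Copy n bytes of s into a fresh NUL-terminated buffer (NULL on failure). */
static char *dup_range(const char *s, size_t n)
{
    char *d = malloc(n + 1);
    if (d != NULL) { memcpy(d, s, n); d[n] = '\0'; }
    return d;
}

void example_cert_free(example_cert_t *c)
{
    free(c->certstr); free(c->ca); free(c->cert); free(c->key); free(c->password);
    memset(c, 0, sizeof(*c));           /* leave no dangling pointers behind */
}

/* Returns 0 on success, -1 on a missing or empty path field or on allocation
 * failure. Assumption: text after the third comma is the password, commas
 * included, so a password containing ',' is not truncated. */
int example_cert_parse(const char *params, example_cert_t *out)
{
    char **slots[3] = { &out->ca, &out->cert, &out->key };
    const char *p = params;

    memset(out, 0, sizeof(*out));
    if (params == NULL) return -1;
    for (int i = 0; i < 3; i++) {
        const char *comma = strchr(p, ',');
        if (comma == NULL || comma == p) goto fail;   /* field missing or empty */
        if ((*slots[i] = dup_range(p, (size_t)(comma - p))) == NULL) goto fail;
        p = comma + 1;
    }
    out->password = dup_range(p, strlen(p));
    out->certstr = dup_range(params, strlen(params)); /* keep the original too */
    if (out->password == NULL || out->certstr == NULL) goto fail;
    return 0;
fail:
    example_cert_free(out);             /* never hand back a half-filled struct */
    return -1;
}
```

Because `certstr` keeps the whole input, it also holds the password in clear text, so it needs the same handling as the `password` field when the struct is logged or freed.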