HTHou commented on PR #18130: URL: https://github.com/apache/iotdb/pull/18130#issuecomment-4900918774
One more API/UX note about the new `trustStore` / `keyStore` naming: It is reasonable to align the C++ Session API with the Java Session API, but in the C/C++ ecosystem this naming can be ambiguous. Some C/C++ clients use similar names, but often with different semantics. For example, Paho MQTT C has `trustStore` / `keyStore` fields but they point to PEM files, while librdkafka supports a PKCS#12 `ssl.keystore.location` for client authentication but still uses CA-style options such as `ssl.ca.location` / `ssl.ca.pem` for server trust. Many C++ APIs instead expose OpenSSL-style inputs directly (`ca/root certs`, `cert chain`, `private key`). So if this PR keeps the Java-style names, please make the boundary explicit in docs and errors: JKS is not supported by the C++ client; `.p12` / `.pfx` means PKCS#12, and PEM trust files are only supported through the legacy/path-style option. It may also be useful to keep or add OpenSSL-style configuration names (`caFile`, `certFile`, `keyFile`, etc.) so native C++ users do not have to think in Java keystore terms when they already have PEM material. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
