Dan Burkert has posted comments on this change. Change subject: KUDU-1965: Allow user provided TLS certificates to work with KRPC ......................................................................
Patch Set 3: (1 comment) http://gerrit.cloudera.org:8080/#/c/6555/3/src/kudu/rpc/server_negotiation.cc File src/kudu/rpc/server_negotiation.cc: Line 629: if (!cert.is_user_provided()) { > I guess it depends how we configure the handshake from the server side. Cur Ideally Kudu could support either IPKI certs or external certs in the same messenger, in the case where IPKI is used for tserver certs, and external certs are being used for clients. As such, it would be great to not have an either/or switch. -- To view, visit http://gerrit.cloudera.org:8080/6555 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ica6e2bacb378553723467f0dc54a166885db1e4d Gerrit-PatchSet: 3 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Sailesh Mukil <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Sailesh Mukil <[email protected]> Gerrit-Reviewer: Todd Lipcon <[email protected]> Gerrit-HasComments: Yes
