Hello Kudu Jenkins,
I'd like you to reexamine a change. Please visit
http://gerrit.cloudera.org:8080/18870
to look at the new patch set (#2).
Change subject: KUDU-3392 Support trusting custom certificates
......................................................................
KUDU-3392 Support trusting custom certificates
Right now, Kudu can only talk to Ranger KMS over TLS when its
certificate is trusted on the OS level (installed in /etc/pki). By
adding a new flag to trust a PEM file in a custom location, users don't
need to install Ranger KMS's certificate in a central location, they can
simply provide the PEM file when starting up Kudu servers. Right now,
Ranger KMS is the only such service (Kudu talks to Ranger Admin using
its Java client within a subprocess, which uses an XML config file to
set the truststore location), but it's possible that in the future, Kudu
will act as a client to other services, so the new flag,
-trusted_certificate_file, sets the trust in a central location, in
curl_util using CURLOPT_CAINFO.
Change-Id: Ib5a69ba54ad9c0029b83417bdb4dca65b6313005
---
M src/kudu/util/curl_util.cc
1 file changed, 10 insertions(+), 0 deletions(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/70/18870/2
--
To view, visit http://gerrit.cloudera.org:8080/18870
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: newpatchset
Gerrit-Change-Id: Ib5a69ba54ad9c0029b83417bdb4dca65b6313005
Gerrit-Change-Number: 18870
Gerrit-PatchSet: 2
Gerrit-Owner: Attila Bukor <[email protected]>
Gerrit-Reviewer: Kudu Jenkins (120)
