mridulm commented on code in PR #43220:
URL: https://github.com/apache/spark/pull/43220#discussion_r1346877805
##########
common/network-common/src/main/java/org/apache/spark/network/util/TransportConf.java:
##########
@@ -257,6 +258,159 @@ public int sslShuffleChunkSize() {
conf.get("spark.network.ssl.maxEncryptedBlockSize", "64k")));
}
+ /**
+ * Whether Secure (SSL/TLS) RPC (including Block Transfer Service) is enabled
+ */
+ public boolean sslRpcEnabled() {
+ return conf.getBoolean("spark.ssl.rpc.enabled", false);
+ }
Review Comment:
Ok, so we are relying on the fact the if truststore is not specified, it
implies self signed cert as we are going to bypass cert check.
That sounds fine to me given this is different from 'typical' usage where
client is accepting server's cert and does not know if it will be trusted, or
should bypass trust (if cert is trusted, use that - but if it no, should it
still be trusted).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
