True, there are two other use cases that users commonly have:
YCAv2: Users go through a common proxy, since these certificates are also host-based. Data Highway: The DH servers query the storm registry server using yfor syntax for the list of hosts (storm spouts) that have registered to receive data. SSL certificates are generated for each virtual host in the registry service. What external service is being connected to in this case? -- Derek ----- Original Message ----- From: Ben Gould <[email protected]> To: [email protected] Cc: Sent: Monday, March 30, 2015 12:13 PM Subject: Re: SSL Context Thanks for the response! Sure but if you need an identifying certificate per storm node, you can't really set it in the TopologyBuilder configuration when submitting the topology, since each node will have a unique certificate (possibly with a different password). If they all had the same path and password it wouldn't be an issue I suppose. On 03/26/2015 06:17 PM, Derek Dagit wrote: > I think you can topology.worker.childopts when submitting your topology, and > each of your worker JVMs will be launched with those options. > -- Derek > > > > ________________________________ > From: Ben Gould <[email protected]> > To: [email protected] > Sent: Thursday, March 26, 2015 4:52 PM > Subject: SSL Context > > > Hi all, > > I'm running a topology that has bolts and spouts that need to make ssl > connections to external resources. I'm trying to set the > -Djavax.net.ssl.* properties using the storm.yaml, but I'm not sure how > to get it down to the necessary component. I am guessing I have to > change my "topology.worker.childopts" option on each storm node? > > Before I go and mess with my storm.yaml files, I wanted to reach out and > see how people were doing it. > > Thanks, > -Ben -- Ben Gould iNovex Information Systems, Inc 7240 Parkway Drive, Suite 140 Hanover, MD 21076 (410)292-1332 http://inovexcorp.com
