zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ivmaykov <...@git.apache.org>
Subject [GitHub] zookeeper issue #184: ZOOKEEPER-236: SSL Support for Atomic Broadcast protoc...
Date Thu, 28 Jun 2018 00:30:18 GMT
Github user ivmaykov commented on the issue:

    @anmolnar thanks for the hard work! Our plan is to run this on a real cluster for about
a month, if everything is working well, that will be a pretty good argument for "this code
is ready to be merged to master".
    There are 2 pieces of functionality that I would like to add:
    - support for PEM-encoded certs and private keys. I have this working already, just need
to figure out how to stack my PR on top of your PR.
    - re-initialize the SSLContext when the cert file changes, without restarting the server.
Our certs are not very long-lived and are refreshed by a mechanism outside of ZK, so ZK process
may outlive a cert and will need to refresh it. This is not yet done, but I'm starting to
work on it, will send that PR out once it's ready as well.


View raw message