You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@skywalking.apache.org by GitBox <gi...@apache.org> on 2020/03/09 15:02:03 UTC
[GitHub] [skywalking] hanahmily commented on issue #4470: Enable OAP gRPC
SSL transportation
hanahmily commented on issue #4470: Enable OAP gRPC SSL transportation
URL: https://github.com/apache/skywalking/pull/4470#issuecomment-596585337
> 1. Only `ReceiverGRPCHandlerRegister` should support only server-side receiver. You could read the codes, only it has the `#addFilter` for `AuthenticationInterceptor`.
Don't get your point.`ReceiverGRPCHandlerRegister` intends to add `interceptor` or `service` to `NettyServerBuilder` by invoking its `addService` method. But SSL should invoke `NettyServerBuilder#sslContext`. I don't find any link between them. Do I miss something? feel free to correct me.
> 2. If we talk about the core module, you have to implement the client side TLS inside `GRPCRemoteClient`, in oder to make sure it matches the core configuration. And this TLS should be used for internal only.
make sense. I should enable client ssl at the same time. There's also a scenario for `sharing-server`, if we want to enable external SSL and disable internal SSL, client ssl needs to read config from `sharing-server` instead of `core`, right?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services