You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@servicecomb.apache.org by GitBox <gi...@apache.org> on 2018/05/03 08:20:04 UTC

[GitHub] yangbor commented on a change in pull request #181: [SCB-342] Add TLS support for gRPC

yangbor commented on a change in pull request #181: [SCB-342] Add TLS support for gRPC
URL: https://github.com/apache/incubator-servicecomb-saga/pull/181#discussion_r185724160
 
 

 ##########
 File path: alpha/alpha-server/src/test/java/org/apache/servicecomb/saga/alpha/server/AlphaIntegrationTest.java
 ##########
 @@ -134,6 +150,23 @@
   private final CompensationStreamObserver compensateResponseObserver = new CompensationStreamObserver(
       this::onCompensation);
 
+  private static SslContext getSslContext(){
+    ClassLoader classLoader = AlphaIntegrationTest.class.getClassLoader();
+    SslContext sslContext = null;
+    try {
+      sslContext = GrpcSslContexts.forClient().sslProvider(SslProvider.OPENSSL)
+          .protocols("TLSv1.2","TLSv1.1")
+          .ciphers(Arrays.asList("ECDHE-RSA-AES128-GCM-SHA256",
+              "ECDHE-RSA-AES256-GCM-SHA384",
+              "ECDHE-ECDSA-AES128-SHA256"))
+          .trustManager(new File(classLoader.getResource("ca.crt").getFile()))
 
 Review comment:
   Yes I have thought about this. But as the connection is only used by alpha/omega communication, adding protocol/cipher configuration creates unnecessary burden for end-users. I'll figure out a better way to do this.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services