You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by mm...@apache.org on 2019/06/02 08:54:07 UTC
[pulsar] branch asf-site updated: Updated site at revision 4faccf1
This is an automated email from the ASF dual-hosted git repository.
mmerli pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/asf-site by this push:
new 453eaf2 Updated site at revision 4faccf1
453eaf2 is described below
commit 453eaf2bf46a952181829d670bcb508271e28dab
Author: jenkins <bu...@apache.org>
AuthorDate: Sun Jun 2 08:53:58 2019 +0000
Updated site at revision 4faccf1
---
.../docs/en/next/security-tls-authentication.html | 12 ++++++
.../en/next/security-tls-authentication/index.html | 12 ++++++
.../docs/fr/next/security-tls-authentication.html | 38 +++++++++++++------
.../fr/next/security-tls-authentication/index.html | 38 +++++++++++++------
.../docs/ja/next/security-tls-authentication.html | 38 +++++++++++++------
.../ja/next/security-tls-authentication/index.html | 38 +++++++++++++------
.../zh-CN/next/security-tls-authentication.html | 38 +++++++++++++------
.../next/security-tls-authentication/index.html | 38 +++++++++++++------
content/swagger/swagger.json | 34 ++++++++---------
content/swagger/swaggerfunctions.json | 44 +++++++++++-----------
10 files changed, 225 insertions(+), 105 deletions(-)
diff --git a/content/docs/en/next/security-tls-authentication.html b/content/docs/en/next/security-tls-authentication.html
index 75d5212..f84a09a 100644
--- a/content/docs/en/next/security-tls-authentication.html
+++ b/content/docs/en/next/security-tls-authentication.html
@@ -92,12 +92,24 @@
<pre><code class="hljs css language-bash">$ openssl req -config openssl.cnf \
-key admin.key.pem -new -sha256 -out admin.csr.pem
</code></pre>
+<blockquote>
+<p>Note
+If there is no openssl.cnf, please read <a href="http://pulsar.apache.org/docs/en/security-tls-transport/#certificate-authority">Certificate authority</a> to get the openssl.cnf.</p>
+</blockquote>
<p>Sign with request with the certificate authority. Note that that client certs uses the <strong>usr_cert</strong> extension, which allows the cert to be used for client authentication.</p>
<pre><code class="hljs css language-bash">$ openssl ca -config openssl.cnf -extensions usr_cert \
-days 1000 -notext -md sha256 \
-<span class="hljs-keyword">in</span> admin.csr.pem -out admin.cert.pem
</code></pre>
<p>This will give you a cert, <code>admin.cert.pem</code>, and a key, <code>admin.key-pk8.pem</code>, which, with <code>ca.cert.pem</code>, can be used by clients to authenticate themselves to brokers and proxies as the role token <code>admin</code>.</p>
+<blockquote>
+<p>Note
+If got "unable to load CA private key" error and the reason is "No such file or directory: /etc/pki/CA/private/cakey.pem" in this step. Please try :</p>
+<pre><code class="hljs css language-bash">$ <span class="hljs-built_in">cd</span> /etc/pki/tls/misc/CA
+$ ./CA -newca
+</code></pre>
+<p>to generate <code>cakey.pem</code> .</p>
+</blockquote>
<h2><a class="anchor" aria-hidden="true" id="enabling-tls-authentication-"></a><a href="#enabling-tls-authentication-" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 [...]
<h3><a class="anchor" aria-hidden="true" id="on-brokers"></a><a href="#on-brokers" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1 [...]
<p>To configure brokers to authenticate clients, put the following in <code>broker.conf</code>, alongside <a href="/docs/en/next/security-tls-transport#broker-configuration">the configuration to enable tls transport</a>:</p>
diff --git a/content/docs/en/next/security-tls-authentication/index.html b/content/docs/en/next/security-tls-authentication/index.html
index 75d5212..f84a09a 100644
--- a/content/docs/en/next/security-tls-authentication/index.html
+++ b/content/docs/en/next/security-tls-authentication/index.html
@@ -92,12 +92,24 @@
<pre><code class="hljs css language-bash">$ openssl req -config openssl.cnf \
-key admin.key.pem -new -sha256 -out admin.csr.pem
</code></pre>
+<blockquote>
+<p>Note
+If there is no openssl.cnf, please read <a href="http://pulsar.apache.org/docs/en/security-tls-transport/#certificate-authority">Certificate authority</a> to get the openssl.cnf.</p>
+</blockquote>
<p>Sign with request with the certificate authority. Note that that client certs uses the <strong>usr_cert</strong> extension, which allows the cert to be used for client authentication.</p>
<pre><code class="hljs css language-bash">$ openssl ca -config openssl.cnf -extensions usr_cert \
-days 1000 -notext -md sha256 \
-<span class="hljs-keyword">in</span> admin.csr.pem -out admin.cert.pem
</code></pre>
<p>This will give you a cert, <code>admin.cert.pem</code>, and a key, <code>admin.key-pk8.pem</code>, which, with <code>ca.cert.pem</code>, can be used by clients to authenticate themselves to brokers and proxies as the role token <code>admin</code>.</p>
+<blockquote>
+<p>Note
+If got "unable to load CA private key" error and the reason is "No such file or directory: /etc/pki/CA/private/cakey.pem" in this step. Please try :</p>
+<pre><code class="hljs css language-bash">$ <span class="hljs-built_in">cd</span> /etc/pki/tls/misc/CA
+$ ./CA -newca
+</code></pre>
+<p>to generate <code>cakey.pem</code> .</p>
+</blockquote>
<h2><a class="anchor" aria-hidden="true" id="enabling-tls-authentication-"></a><a href="#enabling-tls-authentication-" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 [...]
<h3><a class="anchor" aria-hidden="true" id="on-brokers"></a><a href="#on-brokers" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1 [...]
<p>To configure brokers to authenticate clients, put the following in <code>broker.conf</code>, alongside <a href="/docs/en/next/security-tls-transport#broker-configuration">the configuration to enable tls transport</a>:</p>
diff --git a/content/docs/fr/next/security-tls-authentication.html b/content/docs/fr/next/security-tls-authentication.html
index 8606b2e..d108cdd 100644
--- a/content/docs/fr/next/security-tls-authentication.html
+++ b/content/docs/fr/next/security-tls-authentication.html
@@ -92,22 +92,38 @@
<pre><code class="hljs css language-bash">$ openssl req -config openssl.cnf \
-key admin.key.pem -new -sha256 -out admin.csr.pem
</code></pre>
+<blockquote>
+<p>Note If there is no openssl.cnf, please read <a href="http://pulsar.apache.org/docs/en/security-tls-transport/#certificate-authority">Certificate authority</a> to get the openssl.cnf.</p>
+</blockquote>
<p>Sign with request with the certificate authority. Note that that client certs uses the <strong>usr_cert</strong> extension, which allows the cert to be used for client authentication.</p>
<pre><code class="hljs css language-bash">$ openssl ca -config openssl.cnf -extensions usr_cert \
-days 1000 -notext -md sha256 \
-<span class="hljs-keyword">in</span> admin.csr.pem -out admin.cert.pem
</code></pre>
<p>This will give you a cert, <code>admin.cert.pem</code>, and a key, <code>admin.key-pk8.pem</code>, which, with <code>ca.cert.pem</code>, can be used by clients to authenticate themselves to brokers and proxies as the role token <code>admin</code>.</p>
-<h2><a class="anchor" aria-hidden="true" id="enabling-tls-authentication-"></a><a href="#enabling-tls-authentication-" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 [...]
-<h3><a class="anchor" aria-hidden="true" id="on-brokers"></a><a href="#on-brokers" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1 [...]
-<p>To configure brokers to authenticate clients, put the following in <code>broker.conf</code>, alongside <a href="/docs/fr/next/security-tls-transport#broker-configuration">the configuration to enable tls transport</a>:</p>
-<pre><code class="hljs css language-properties"><span class="hljs-comment"># Configuration to enable authentication</span>
-<span class="hljs-attr">authenticationEnabled</span>=<span class="hljs-string">true</span>
-<span class="hljs-attr">authenticationProviders</span>=<span class="hljs-string">org.apache.pulsar.broker.authentication.AuthenticationProviderTls</span>
-</code></pre>
+<blockquote>
+<p>Note If got "unable to load CA private key" error and the reason is "No such file or directory: /etc/pki/CA/private/cakey.pem" in this step. Please try :</p>
+<pre><code class="hljs css language-bash"></code></pre>
+</blockquote>
+<p>$ cd /etc/pki/tls/misc/CA
+$ ./CA -newca</p>
+<pre><code class="hljs">
+to generate <span class="hljs-code">`cakey.pem`</span> .
+
+<span class="hljs-section">## Enabling TLS Authentication ...</span>
+
+<span class="hljs-section">### ... on Brokers</span>
+
+To configure brokers to authenticate clients, put the following in <span class="hljs-code">`broker.conf`</span>, alongside [<span class="hljs-string">the configuration to enable tls transport</span>](<span class="hljs-link">security-tls-transport.md#broker-configuration</span>):
+
+<span class="hljs-code">```properties
+# Configuration to enable authentication
+authenticationEnabled=true
+authenticationProviders=org.apache.pulsar.broker.authentication.AuthenticationProviderTls
+</span></code></pre>
<h3><a class="anchor" aria-hidden="true" id="on-proxies"></a><a href="#on-proxies" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1 [...]
-<p>To configure proxies to authenticate clients, put the folling in <code>proxy.conf</code>, alongside <a href="/docs/fr/next/security-tls-transport#proxy-configuration">the configuration to enable tls transport</a>:</p>
-<p>The proxy should have its own client key pair for connecting to brokers. The role token for this key pair should be configured in the <code>proxyRoles</code> of the brokers. See the <a href="/docs/fr/next/security-authorization">authorization guide</a> for more details.</p>
+<p>To configure proxies to authenticate clients, put the folling in <code>proxy.conf</code>, alongside <a href="security-tls-transport.md#proxy-configuration">the configuration to enable tls transport</a>:</p>
+<p>The proxy should have its own client key pair for connecting to brokers. The role token for this key pair should be configured in the <code>proxyRoles</code> of the brokers. See the <a href="security-authorization.md">authorization guide</a> for more details.</p>
<pre><code class="hljs css language-properties"><span class="hljs-comment"># For clients connecting to the proxy</span>
<span class="hljs-attr">authenticationEnabled</span>=<span class="hljs-string">true</span>
<span class="hljs-attr">authenticationProviders</span>=<span class="hljs-string">org.apache.pulsar.broker.authentication.AuthenticationProviderTls</span>
@@ -119,7 +135,7 @@
<h2><a class="anchor" aria-hidden="true" id="configuration-du-client"></a><a href="#configuration-du-client" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 [...]
<p>When TLS authentication, the client needs to connect via TLS transport, so you need to configure the client to use <code>https://</code> and port 8443 for the web service URL, and <code>pulsar+ssl://</code> and port 6651 for the broker service URL.</p>
<h3><a class="anchor" aria-hidden="true" id="cli-tools"></a><a href="#cli-tools" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.6 [...]
-<p><a href="/docs/fr/next/reference-cli-tools">Command-line tools</a> like <a href="/docs/fr/next/pulsar-admin"><code>pulsar-admin</code></a>, <a href="/docs/fr/next/reference-cli-tools#pulsar-perf"><code>pulsar-perf</code></a>, and <a href="/docs/fr/next/reference-cli-tools#pulsar-client"><code>pulsar-client</code></a> use the <code>conf/client.conf</code> config file in a Pulsar installation.</p>
+<p><a href="reference-cli-tools.md">Command-line tools</a> like <a href="reference-pulsar-admin.md"><code>pulsar-admin</code></a>, <a href="reference-cli-tools.md#pulsar-perf"><code>pulsar-perf</code></a>, and <a href="reference-cli-tools.md#pulsar-client"><code>pulsar-client</code></a> use the <code>conf/client.conf</code> config file in a Pulsar installation.</p>
<p>You'll need to add the following parameters to that file to use TLS authentication with Pulsar's CLI tools:</p>
<pre><code class="hljs css language-properties"><span class="hljs-attr">webServiceUrl</span>=<span class="hljs-string">https://broker.example.com:8443/</span>
<span class="hljs-attr">brokerServiceUrl</span>=<span class="hljs-string">pulsar+ssl://broker.example.com:6651/</span>
@@ -163,7 +179,7 @@ config.setAuth(auth);
pulsar::<span class="hljs-function">Client <span class="hljs-title">client</span><span class="hljs-params">(<span class="hljs-string">"pulsar+ssl://broker.example.com:6651/"</span>, config)</span></span>;
</code></pre>
-</span></div></article></div><div class="docs-prevnext"><a class="docs-prev button" href="/docs/fr/next/security-tls-transport"><span class="arrow-prev">← </span><span>Transport Encryption using TLS</span></a><a class="docs-next button" href="/docs/fr/next/security-token-client"><span>Client Authentication using tokens</span><span class="arrow-next"> →</span></a></div></div></div><nav class="onPageNav"><ul class="toc-headings"><li><a href="#tls-authentication-overview">TLS Authentication [...]
+</span></div></article></div><div class="docs-prevnext"><a class="docs-prev button" href="/docs/fr/next/security-tls-transport"><span class="arrow-prev">← </span><span>Transport Encryption using TLS</span></a><a class="docs-next button" href="/docs/fr/next/security-token-client"><span>Client Authentication using tokens</span><span class="arrow-next"> →</span></a></div></div></div><nav class="onPageNav"><ul class="toc-headings"><li><a href="#tls-authentication-overview">TLS Authentication [...]
const community = document.querySelector("a[href='#community']").parentNode;
const communityMenu =
'<li>' +
diff --git a/content/docs/fr/next/security-tls-authentication/index.html b/content/docs/fr/next/security-tls-authentication/index.html
index 8606b2e..d108cdd 100644
--- a/content/docs/fr/next/security-tls-authentication/index.html
+++ b/content/docs/fr/next/security-tls-authentication/index.html
@@ -92,22 +92,38 @@
<pre><code class="hljs css language-bash">$ openssl req -config openssl.cnf \
-key admin.key.pem -new -sha256 -out admin.csr.pem
</code></pre>
+<blockquote>
+<p>Note If there is no openssl.cnf, please read <a href="http://pulsar.apache.org/docs/en/security-tls-transport/#certificate-authority">Certificate authority</a> to get the openssl.cnf.</p>
+</blockquote>
<p>Sign with request with the certificate authority. Note that that client certs uses the <strong>usr_cert</strong> extension, which allows the cert to be used for client authentication.</p>
<pre><code class="hljs css language-bash">$ openssl ca -config openssl.cnf -extensions usr_cert \
-days 1000 -notext -md sha256 \
-<span class="hljs-keyword">in</span> admin.csr.pem -out admin.cert.pem
</code></pre>
<p>This will give you a cert, <code>admin.cert.pem</code>, and a key, <code>admin.key-pk8.pem</code>, which, with <code>ca.cert.pem</code>, can be used by clients to authenticate themselves to brokers and proxies as the role token <code>admin</code>.</p>
-<h2><a class="anchor" aria-hidden="true" id="enabling-tls-authentication-"></a><a href="#enabling-tls-authentication-" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 [...]
-<h3><a class="anchor" aria-hidden="true" id="on-brokers"></a><a href="#on-brokers" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1 [...]
-<p>To configure brokers to authenticate clients, put the following in <code>broker.conf</code>, alongside <a href="/docs/fr/next/security-tls-transport#broker-configuration">the configuration to enable tls transport</a>:</p>
-<pre><code class="hljs css language-properties"><span class="hljs-comment"># Configuration to enable authentication</span>
-<span class="hljs-attr">authenticationEnabled</span>=<span class="hljs-string">true</span>
-<span class="hljs-attr">authenticationProviders</span>=<span class="hljs-string">org.apache.pulsar.broker.authentication.AuthenticationProviderTls</span>
-</code></pre>
+<blockquote>
+<p>Note If got "unable to load CA private key" error and the reason is "No such file or directory: /etc/pki/CA/private/cakey.pem" in this step. Please try :</p>
+<pre><code class="hljs css language-bash"></code></pre>
+</blockquote>
+<p>$ cd /etc/pki/tls/misc/CA
+$ ./CA -newca</p>
+<pre><code class="hljs">
+to generate <span class="hljs-code">`cakey.pem`</span> .
+
+<span class="hljs-section">## Enabling TLS Authentication ...</span>
+
+<span class="hljs-section">### ... on Brokers</span>
+
+To configure brokers to authenticate clients, put the following in <span class="hljs-code">`broker.conf`</span>, alongside [<span class="hljs-string">the configuration to enable tls transport</span>](<span class="hljs-link">security-tls-transport.md#broker-configuration</span>):
+
+<span class="hljs-code">```properties
+# Configuration to enable authentication
+authenticationEnabled=true
+authenticationProviders=org.apache.pulsar.broker.authentication.AuthenticationProviderTls
+</span></code></pre>
<h3><a class="anchor" aria-hidden="true" id="on-proxies"></a><a href="#on-proxies" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1 [...]
-<p>To configure proxies to authenticate clients, put the folling in <code>proxy.conf</code>, alongside <a href="/docs/fr/next/security-tls-transport#proxy-configuration">the configuration to enable tls transport</a>:</p>
-<p>The proxy should have its own client key pair for connecting to brokers. The role token for this key pair should be configured in the <code>proxyRoles</code> of the brokers. See the <a href="/docs/fr/next/security-authorization">authorization guide</a> for more details.</p>
+<p>To configure proxies to authenticate clients, put the folling in <code>proxy.conf</code>, alongside <a href="security-tls-transport.md#proxy-configuration">the configuration to enable tls transport</a>:</p>
+<p>The proxy should have its own client key pair for connecting to brokers. The role token for this key pair should be configured in the <code>proxyRoles</code> of the brokers. See the <a href="security-authorization.md">authorization guide</a> for more details.</p>
<pre><code class="hljs css language-properties"><span class="hljs-comment"># For clients connecting to the proxy</span>
<span class="hljs-attr">authenticationEnabled</span>=<span class="hljs-string">true</span>
<span class="hljs-attr">authenticationProviders</span>=<span class="hljs-string">org.apache.pulsar.broker.authentication.AuthenticationProviderTls</span>
@@ -119,7 +135,7 @@
<h2><a class="anchor" aria-hidden="true" id="configuration-du-client"></a><a href="#configuration-du-client" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 [...]
<p>When TLS authentication, the client needs to connect via TLS transport, so you need to configure the client to use <code>https://</code> and port 8443 for the web service URL, and <code>pulsar+ssl://</code> and port 6651 for the broker service URL.</p>
<h3><a class="anchor" aria-hidden="true" id="cli-tools"></a><a href="#cli-tools" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.6 [...]
-<p><a href="/docs/fr/next/reference-cli-tools">Command-line tools</a> like <a href="/docs/fr/next/pulsar-admin"><code>pulsar-admin</code></a>, <a href="/docs/fr/next/reference-cli-tools#pulsar-perf"><code>pulsar-perf</code></a>, and <a href="/docs/fr/next/reference-cli-tools#pulsar-client"><code>pulsar-client</code></a> use the <code>conf/client.conf</code> config file in a Pulsar installation.</p>
+<p><a href="reference-cli-tools.md">Command-line tools</a> like <a href="reference-pulsar-admin.md"><code>pulsar-admin</code></a>, <a href="reference-cli-tools.md#pulsar-perf"><code>pulsar-perf</code></a>, and <a href="reference-cli-tools.md#pulsar-client"><code>pulsar-client</code></a> use the <code>conf/client.conf</code> config file in a Pulsar installation.</p>
<p>You'll need to add the following parameters to that file to use TLS authentication with Pulsar's CLI tools:</p>
<pre><code class="hljs css language-properties"><span class="hljs-attr">webServiceUrl</span>=<span class="hljs-string">https://broker.example.com:8443/</span>
<span class="hljs-attr">brokerServiceUrl</span>=<span class="hljs-string">pulsar+ssl://broker.example.com:6651/</span>
@@ -163,7 +179,7 @@ config.setAuth(auth);
pulsar::<span class="hljs-function">Client <span class="hljs-title">client</span><span class="hljs-params">(<span class="hljs-string">"pulsar+ssl://broker.example.com:6651/"</span>, config)</span></span>;
</code></pre>
-</span></div></article></div><div class="docs-prevnext"><a class="docs-prev button" href="/docs/fr/next/security-tls-transport"><span class="arrow-prev">← </span><span>Transport Encryption using TLS</span></a><a class="docs-next button" href="/docs/fr/next/security-token-client"><span>Client Authentication using tokens</span><span class="arrow-next"> →</span></a></div></div></div><nav class="onPageNav"><ul class="toc-headings"><li><a href="#tls-authentication-overview">TLS Authentication [...]
+</span></div></article></div><div class="docs-prevnext"><a class="docs-prev button" href="/docs/fr/next/security-tls-transport"><span class="arrow-prev">← </span><span>Transport Encryption using TLS</span></a><a class="docs-next button" href="/docs/fr/next/security-token-client"><span>Client Authentication using tokens</span><span class="arrow-next"> →</span></a></div></div></div><nav class="onPageNav"><ul class="toc-headings"><li><a href="#tls-authentication-overview">TLS Authentication [...]
const community = document.querySelector("a[href='#community']").parentNode;
const communityMenu =
'<li>' +
diff --git a/content/docs/ja/next/security-tls-authentication.html b/content/docs/ja/next/security-tls-authentication.html
index 4171214..f143bb6 100644
--- a/content/docs/ja/next/security-tls-authentication.html
+++ b/content/docs/ja/next/security-tls-authentication.html
@@ -92,22 +92,38 @@
<pre><code class="hljs css language-bash">$ openssl req -config openssl.cnf \
-key admin.key.pem -new -sha256 -out admin.csr.pem
</code></pre>
+<blockquote>
+<p>Note If there is no openssl.cnf, please read <a href="http://pulsar.apache.org/docs/en/security-tls-transport/#certificate-authority">Certificate authority</a> to get the openssl.cnf.</p>
+</blockquote>
<p>Sign with request with the certificate authority. Note that that client certs uses the <strong>usr_cert</strong> extension, which allows the cert to be used for client authentication.</p>
<pre><code class="hljs css language-bash">$ openssl ca -config openssl.cnf -extensions usr_cert \
-days 1000 -notext -md sha256 \
-<span class="hljs-keyword">in</span> admin.csr.pem -out admin.cert.pem
</code></pre>
<p>This will give you a cert, <code>admin.cert.pem</code>, and a key, <code>admin.key-pk8.pem</code>, which, with <code>ca.cert.pem</code>, can be used by clients to authenticate themselves to brokers and proxies as the role token <code>admin</code>.</p>
-<h2><a class="anchor" aria-hidden="true" id="tls-認証の有効化"></a><a href="#tls-認証の有効化" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1 [...]
-<h3><a class="anchor" aria-hidden="true" id="on-brokers"></a><a href="#on-brokers" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1 [...]
-<p>To configure brokers to authenticate clients, put the following in <code>broker.conf</code>, alongside <a href="/docs/ja/next/security-tls-transport#broker-configuration">the configuration to enable tls transport</a>:</p>
-<pre><code class="hljs css language-properties"><span class="hljs-comment"># Configuration to enable authentication</span>
-<span class="hljs-attr">authenticationEnabled</span>=<span class="hljs-string">true</span>
-<span class="hljs-attr">authenticationProviders</span>=<span class="hljs-string">org.apache.pulsar.broker.authentication.AuthenticationProviderTls</span>
-</code></pre>
+<blockquote>
+<p>Note If got "unable to load CA private key" error and the reason is "No such file or directory: /etc/pki/CA/private/cakey.pem" in this step. Please try :</p>
+<pre><code class="hljs css language-bash"></code></pre>
+</blockquote>
+<p>$ cd /etc/pki/tls/misc/CA
+$ ./CA -newca</p>
+<pre><code class="hljs">
+to generate <span class="hljs-code">`cakey.pem`</span> .
+
+<span class="hljs-section">## TLS 認証の有効化</span>
+
+<span class="hljs-section">### ... on Brokers</span>
+
+To configure brokers to authenticate clients, put the following in <span class="hljs-code">`broker.conf`</span>, alongside [<span class="hljs-string">the configuration to enable tls transport</span>](<span class="hljs-link">security-tls-transport.md#broker-configuration</span>):
+
+<span class="hljs-code">```properties
+# Configuration to enable authentication
+authenticationEnabled=true
+authenticationProviders=org.apache.pulsar.broker.authentication.AuthenticationProviderTls
+</span></code></pre>
<h3><a class="anchor" aria-hidden="true" id="on-proxies"></a><a href="#on-proxies" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1 [...]
-<p>To configure proxies to authenticate clients, put the folling in <code>proxy.conf</code>, alongside <a href="/docs/ja/next/security-tls-transport#proxy-configuration">the configuration to enable tls transport</a>:</p>
-<p>The proxy should have its own client key pair for connecting to brokers. The role token for this key pair should be configured in the <code>proxyRoles</code> of the brokers. See the <a href="/docs/ja/next/security-authorization">authorization guide</a> for more details.</p>
+<p>To configure proxies to authenticate clients, put the folling in <code>proxy.conf</code>, alongside <a href="security-tls-transport.md#proxy-configuration">the configuration to enable tls transport</a>:</p>
+<p>The proxy should have its own client key pair for connecting to brokers. The role token for this key pair should be configured in the <code>proxyRoles</code> of the brokers. See the <a href="security-authorization.md">authorization guide</a> for more details.</p>
<pre><code class="hljs css language-properties"><span class="hljs-comment"># For clients connecting to the proxy</span>
<span class="hljs-attr">authenticationEnabled</span>=<span class="hljs-string">true</span>
<span class="hljs-attr">authenticationProviders</span>=<span class="hljs-string">org.apache.pulsar.broker.authentication.AuthenticationProviderTls</span>
@@ -119,7 +135,7 @@
<h2><a class="anchor" aria-hidden="true" id="client-configuration"></a><a href="#client-configuration" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1 [...]
<p>When TLS authentication, the client needs to connect via TLS transport, so you need to configure the client to use <code>https://</code> and port 8443 for the web service URL, and <code>pulsar+ssl://</code> and port 6651 for the broker service URL.</p>
<h3><a class="anchor" aria-hidden="true" id="cli-ツール"></a><a href="#cli-ツール" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1- [...]
-<p><a href="/docs/ja/next/reference-cli-tools">Command-line tools</a> like <a href="/docs/ja/next/pulsar-admin"><code>pulsar-admin</code></a>, <a href="/docs/ja/next/reference-cli-tools#pulsar-perf"><code>pulsar-perf</code></a>, and <a href="/docs/ja/next/reference-cli-tools#pulsar-client"><code>pulsar-client</code></a> use the <code>conf/client.conf</code> config file in a Pulsar installation.</p>
+<p><a href="reference-cli-tools.md">Command-line tools</a> like <a href="reference-pulsar-admin.md"><code>pulsar-admin</code></a>, <a href="reference-cli-tools.md#pulsar-perf"><code>pulsar-perf</code></a>, and <a href="reference-cli-tools.md#pulsar-client"><code>pulsar-client</code></a> use the <code>conf/client.conf</code> config file in a Pulsar installation.</p>
<p>You'll need to add the following parameters to that file to use TLS authentication with Pulsar's CLI tools:</p>
<pre><code class="hljs css language-properties"><span class="hljs-attr">webServiceUrl</span>=<span class="hljs-string">https://broker.example.com:8443/</span>
<span class="hljs-attr">brokerServiceUrl</span>=<span class="hljs-string">pulsar+ssl://broker.example.com:6651/</span>
@@ -163,7 +179,7 @@ config.setAuth(auth);
pulsar::<span class="hljs-function">Client <span class="hljs-title">client</span><span class="hljs-params">(<span class="hljs-string">"pulsar+ssl://broker.example.com:6651/"</span>, config)</span></span>;
</code></pre>
-</span></div></article></div><div class="docs-prevnext"><a class="docs-prev button" href="/docs/ja/next/security-tls-transport"><span class="arrow-prev">← </span><span>Transport Encryption using TLS</span></a><a class="docs-next button" href="/docs/ja/next/security-token-client"><span>Client Authentication using tokens</span><span class="arrow-next"> →</span></a></div></div></div><nav class="onPageNav"><ul class="toc-headings"><li><a href="#tls-authentication-overview">TLS Authentication [...]
+</span></div></article></div><div class="docs-prevnext"><a class="docs-prev button" href="/docs/ja/next/security-tls-transport"><span class="arrow-prev">← </span><span>Transport Encryption using TLS</span></a><a class="docs-next button" href="/docs/ja/next/security-token-client"><span>Client Authentication using tokens</span><span class="arrow-next"> →</span></a></div></div></div><nav class="onPageNav"><ul class="toc-headings"><li><a href="#tls-authentication-overview">TLS Authentication [...]
const community = document.querySelector("a[href='#community']").parentNode;
const communityMenu =
'<li>' +
diff --git a/content/docs/ja/next/security-tls-authentication/index.html b/content/docs/ja/next/security-tls-authentication/index.html
index 4171214..f143bb6 100644
--- a/content/docs/ja/next/security-tls-authentication/index.html
+++ b/content/docs/ja/next/security-tls-authentication/index.html
@@ -92,22 +92,38 @@
<pre><code class="hljs css language-bash">$ openssl req -config openssl.cnf \
-key admin.key.pem -new -sha256 -out admin.csr.pem
</code></pre>
+<blockquote>
+<p>Note If there is no openssl.cnf, please read <a href="http://pulsar.apache.org/docs/en/security-tls-transport/#certificate-authority">Certificate authority</a> to get the openssl.cnf.</p>
+</blockquote>
<p>Sign with request with the certificate authority. Note that that client certs uses the <strong>usr_cert</strong> extension, which allows the cert to be used for client authentication.</p>
<pre><code class="hljs css language-bash">$ openssl ca -config openssl.cnf -extensions usr_cert \
-days 1000 -notext -md sha256 \
-<span class="hljs-keyword">in</span> admin.csr.pem -out admin.cert.pem
</code></pre>
<p>This will give you a cert, <code>admin.cert.pem</code>, and a key, <code>admin.key-pk8.pem</code>, which, with <code>ca.cert.pem</code>, can be used by clients to authenticate themselves to brokers and proxies as the role token <code>admin</code>.</p>
-<h2><a class="anchor" aria-hidden="true" id="tls-認証の有効化"></a><a href="#tls-認証の有効化" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1 [...]
-<h3><a class="anchor" aria-hidden="true" id="on-brokers"></a><a href="#on-brokers" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1 [...]
-<p>To configure brokers to authenticate clients, put the following in <code>broker.conf</code>, alongside <a href="/docs/ja/next/security-tls-transport#broker-configuration">the configuration to enable tls transport</a>:</p>
-<pre><code class="hljs css language-properties"><span class="hljs-comment"># Configuration to enable authentication</span>
-<span class="hljs-attr">authenticationEnabled</span>=<span class="hljs-string">true</span>
-<span class="hljs-attr">authenticationProviders</span>=<span class="hljs-string">org.apache.pulsar.broker.authentication.AuthenticationProviderTls</span>
-</code></pre>
+<blockquote>
+<p>Note If got "unable to load CA private key" error and the reason is "No such file or directory: /etc/pki/CA/private/cakey.pem" in this step. Please try :</p>
+<pre><code class="hljs css language-bash"></code></pre>
+</blockquote>
+<p>$ cd /etc/pki/tls/misc/CA
+$ ./CA -newca</p>
+<pre><code class="hljs">
+to generate <span class="hljs-code">`cakey.pem`</span> .
+
+<span class="hljs-section">## TLS 認証の有効化</span>
+
+<span class="hljs-section">### ... on Brokers</span>
+
+To configure brokers to authenticate clients, put the following in <span class="hljs-code">`broker.conf`</span>, alongside [<span class="hljs-string">the configuration to enable tls transport</span>](<span class="hljs-link">security-tls-transport.md#broker-configuration</span>):
+
+<span class="hljs-code">```properties
+# Configuration to enable authentication
+authenticationEnabled=true
+authenticationProviders=org.apache.pulsar.broker.authentication.AuthenticationProviderTls
+</span></code></pre>
<h3><a class="anchor" aria-hidden="true" id="on-proxies"></a><a href="#on-proxies" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1 [...]
-<p>To configure proxies to authenticate clients, put the folling in <code>proxy.conf</code>, alongside <a href="/docs/ja/next/security-tls-transport#proxy-configuration">the configuration to enable tls transport</a>:</p>
-<p>The proxy should have its own client key pair for connecting to brokers. The role token for this key pair should be configured in the <code>proxyRoles</code> of the brokers. See the <a href="/docs/ja/next/security-authorization">authorization guide</a> for more details.</p>
+<p>To configure proxies to authenticate clients, put the folling in <code>proxy.conf</code>, alongside <a href="security-tls-transport.md#proxy-configuration">the configuration to enable tls transport</a>:</p>
+<p>The proxy should have its own client key pair for connecting to brokers. The role token for this key pair should be configured in the <code>proxyRoles</code> of the brokers. See the <a href="security-authorization.md">authorization guide</a> for more details.</p>
<pre><code class="hljs css language-properties"><span class="hljs-comment"># For clients connecting to the proxy</span>
<span class="hljs-attr">authenticationEnabled</span>=<span class="hljs-string">true</span>
<span class="hljs-attr">authenticationProviders</span>=<span class="hljs-string">org.apache.pulsar.broker.authentication.AuthenticationProviderTls</span>
@@ -119,7 +135,7 @@
<h2><a class="anchor" aria-hidden="true" id="client-configuration"></a><a href="#client-configuration" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1 [...]
<p>When TLS authentication, the client needs to connect via TLS transport, so you need to configure the client to use <code>https://</code> and port 8443 for the web service URL, and <code>pulsar+ssl://</code> and port 6651 for the broker service URL.</p>
<h3><a class="anchor" aria-hidden="true" id="cli-ツール"></a><a href="#cli-ツール" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1- [...]
-<p><a href="/docs/ja/next/reference-cli-tools">Command-line tools</a> like <a href="/docs/ja/next/pulsar-admin"><code>pulsar-admin</code></a>, <a href="/docs/ja/next/reference-cli-tools#pulsar-perf"><code>pulsar-perf</code></a>, and <a href="/docs/ja/next/reference-cli-tools#pulsar-client"><code>pulsar-client</code></a> use the <code>conf/client.conf</code> config file in a Pulsar installation.</p>
+<p><a href="reference-cli-tools.md">Command-line tools</a> like <a href="reference-pulsar-admin.md"><code>pulsar-admin</code></a>, <a href="reference-cli-tools.md#pulsar-perf"><code>pulsar-perf</code></a>, and <a href="reference-cli-tools.md#pulsar-client"><code>pulsar-client</code></a> use the <code>conf/client.conf</code> config file in a Pulsar installation.</p>
<p>You'll need to add the following parameters to that file to use TLS authentication with Pulsar's CLI tools:</p>
<pre><code class="hljs css language-properties"><span class="hljs-attr">webServiceUrl</span>=<span class="hljs-string">https://broker.example.com:8443/</span>
<span class="hljs-attr">brokerServiceUrl</span>=<span class="hljs-string">pulsar+ssl://broker.example.com:6651/</span>
@@ -163,7 +179,7 @@ config.setAuth(auth);
pulsar::<span class="hljs-function">Client <span class="hljs-title">client</span><span class="hljs-params">(<span class="hljs-string">"pulsar+ssl://broker.example.com:6651/"</span>, config)</span></span>;
</code></pre>
-</span></div></article></div><div class="docs-prevnext"><a class="docs-prev button" href="/docs/ja/next/security-tls-transport"><span class="arrow-prev">← </span><span>Transport Encryption using TLS</span></a><a class="docs-next button" href="/docs/ja/next/security-token-client"><span>Client Authentication using tokens</span><span class="arrow-next"> →</span></a></div></div></div><nav class="onPageNav"><ul class="toc-headings"><li><a href="#tls-authentication-overview">TLS Authentication [...]
+</span></div></article></div><div class="docs-prevnext"><a class="docs-prev button" href="/docs/ja/next/security-tls-transport"><span class="arrow-prev">← </span><span>Transport Encryption using TLS</span></a><a class="docs-next button" href="/docs/ja/next/security-token-client"><span>Client Authentication using tokens</span><span class="arrow-next"> →</span></a></div></div></div><nav class="onPageNav"><ul class="toc-headings"><li><a href="#tls-authentication-overview">TLS Authentication [...]
const community = document.querySelector("a[href='#community']").parentNode;
const communityMenu =
'<li>' +
diff --git a/content/docs/zh-CN/next/security-tls-authentication.html b/content/docs/zh-CN/next/security-tls-authentication.html
index 43ee0d9..f1d35fa 100644
--- a/content/docs/zh-CN/next/security-tls-authentication.html
+++ b/content/docs/zh-CN/next/security-tls-authentication.html
@@ -92,22 +92,38 @@
<pre><code class="hljs css language-bash">$ openssl req -config openssl.cnf \
-key admin.key.pem -new -sha256 -out admin.csr.pem
</code></pre>
+<blockquote>
+<p>Note If there is no openssl.cnf, please read <a href="http://pulsar.apache.org/docs/en/security-tls-transport/#certificate-authority">Certificate authority</a> to get the openssl.cnf.</p>
+</blockquote>
<p>Sign with request with the certificate authority. Note that that client certs uses the <strong>usr_cert</strong> extension, which allows the cert to be used for client authentication.</p>
<pre><code class="hljs css language-bash">$ openssl ca -config openssl.cnf -extensions usr_cert \
-days 1000 -notext -md sha256 \
-<span class="hljs-keyword">in</span> admin.csr.pem -out admin.cert.pem
</code></pre>
<p>This will give you a cert, <code>admin.cert.pem</code>, and a key, <code>admin.key-pk8.pem</code>, which, with <code>ca.cert.pem</code>, can be used by clients to authenticate themselves to brokers and proxies as the role token <code>admin</code>.</p>
-<h2><a class="anchor" aria-hidden="true" id="开启tls认证"></a><a href="#开启tls认证" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1- [...]
-<h3><a class="anchor" aria-hidden="true" id="on-brokers"></a><a href="#on-brokers" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1 [...]
-<p>To configure brokers to authenticate clients, put the following in <code>broker.conf</code>, alongside <a href="/docs/zh-CN/next/security-tls-transport#broker-configuration">the configuration to enable tls transport</a>:</p>
-<pre><code class="hljs css language-properties"><span class="hljs-comment"># Configuration to enable authentication</span>
-<span class="hljs-attr">authenticationEnabled</span>=<span class="hljs-string">true</span>
-<span class="hljs-attr">authenticationProviders</span>=<span class="hljs-string">org.apache.pulsar.broker.authentication.AuthenticationProviderTls</span>
-</code></pre>
+<blockquote>
+<p>Note If got "unable to load CA private key" error and the reason is "No such file or directory: /etc/pki/CA/private/cakey.pem" in this step. Please try :</p>
+<pre><code class="hljs css language-bash"></code></pre>
+</blockquote>
+<p>$ cd /etc/pki/tls/misc/CA
+$ ./CA -newca</p>
+<pre><code class="hljs">
+to generate <span class="hljs-code">`cakey.pem`</span> .
+
+<span class="hljs-section">## 开启TLS认证</span>
+
+<span class="hljs-section">### ... on Brokers</span>
+
+To configure brokers to authenticate clients, put the following in <span class="hljs-code">`broker.conf`</span>, alongside [<span class="hljs-string">the configuration to enable tls transport</span>](<span class="hljs-link">security-tls-transport.md#broker-configuration</span>):
+
+<span class="hljs-code">```properties
+# Configuration to enable authentication
+authenticationEnabled=true
+authenticationProviders=org.apache.pulsar.broker.authentication.AuthenticationProviderTls
+</span></code></pre>
<h3><a class="anchor" aria-hidden="true" id="on-proxies"></a><a href="#on-proxies" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1 [...]
-<p>To configure proxies to authenticate clients, put the folling in <code>proxy.conf</code>, alongside <a href="/docs/zh-CN/next/security-tls-transport#proxy-configuration">the configuration to enable tls transport</a>:</p>
-<p>The proxy should have its own client key pair for connecting to brokers. The role token for this key pair should be configured in the <code>proxyRoles</code> of the brokers. See the <a href="/docs/zh-CN/next/security-authorization">authorization guide</a> for more details.</p>
+<p>To configure proxies to authenticate clients, put the folling in <code>proxy.conf</code>, alongside <a href="security-tls-transport.md#proxy-configuration">the configuration to enable tls transport</a>:</p>
+<p>The proxy should have its own client key pair for connecting to brokers. The role token for this key pair should be configured in the <code>proxyRoles</code> of the brokers. See the <a href="security-authorization.md">authorization guide</a> for more details.</p>
<pre><code class="hljs css language-properties"><span class="hljs-comment"># For clients connecting to the proxy</span>
<span class="hljs-attr">authenticationEnabled</span>=<span class="hljs-string">true</span>
<span class="hljs-attr">authenticationProviders</span>=<span class="hljs-string">org.apache.pulsar.broker.authentication.AuthenticationProviderTls</span>
@@ -119,7 +135,7 @@
<h2><a class="anchor" aria-hidden="true" id="客户端配置"></a><a href="#客户端配置" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09 [...]
<p>When TLS authentication, the client needs to connect via TLS transport, so you need to configure the client to use <code>https://</code> and port 8443 for the web service URL, and <code>pulsar+ssl://</code> and port 6651 for the broker service URL.</p>
<h3><a class="anchor" aria-hidden="true" id="命令行工具"></a><a href="#命令行工具" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09 [...]
-<p><a href="/docs/zh-CN/next/reference-cli-tools">Command-line tools</a> like <a href="/docs/zh-CN/next/pulsar-admin"><code>pulsar-admin</code></a>, <a href="/docs/zh-CN/next/reference-cli-tools#pulsar-perf"><code>pulsar-perf</code></a>, and <a href="/docs/zh-CN/next/reference-cli-tools#pulsar-client"><code>pulsar-client</code></a> use the <code>conf/client.conf</code> config file in a Pulsar installation.</p>
+<p><a href="reference-cli-tools.md">Command-line tools</a> like <a href="reference-pulsar-admin.md"><code>pulsar-admin</code></a>, <a href="reference-cli-tools.md#pulsar-perf"><code>pulsar-perf</code></a>, and <a href="reference-cli-tools.md#pulsar-client"><code>pulsar-client</code></a> use the <code>conf/client.conf</code> config file in a Pulsar installation.</p>
<p>You'll need to add the following parameters to that file to use TLS authentication with Pulsar's CLI tools:</p>
<pre><code class="hljs css language-properties"><span class="hljs-attr">webServiceUrl</span>=<span class="hljs-string">https://broker.example.com:8443/</span>
<span class="hljs-attr">brokerServiceUrl</span>=<span class="hljs-string">pulsar+ssl://broker.example.com:6651/</span>
@@ -163,7 +179,7 @@ config.setAuth(auth);
pulsar::<span class="hljs-function">Client <span class="hljs-title">client</span><span class="hljs-params">(<span class="hljs-string">"pulsar+ssl://broker.example.com:6651/"</span>, config)</span></span>;
</code></pre>
-</span></div></article></div><div class="docs-prevnext"><a class="docs-prev button" href="/docs/zh-CN/next/security-tls-transport"><span class="arrow-prev">← </span><span>使用TLS进行传输加密</span></a><a class="docs-next button" href="/docs/zh-CN/next/security-token-client"><span>Client Authentication using tokens</span><span class="arrow-next"> →</span></a></div></div></div><nav class="onPageNav"><ul class="toc-headings"><li><a href="#tls认证概述">TLS认证概述</a><ul class="toc-headings"><li><a href="#创 [...]
+</span></div></article></div><div class="docs-prevnext"><a class="docs-prev button" href="/docs/zh-CN/next/security-tls-transport"><span class="arrow-prev">← </span><span>使用TLS进行传输加密</span></a><a class="docs-next button" href="/docs/zh-CN/next/security-token-client"><span>Client Authentication using tokens</span><span class="arrow-next"> →</span></a></div></div></div><nav class="onPageNav"><ul class="toc-headings"><li><a href="#tls认证概述">TLS认证概述</a><ul class="toc-headings"><li><a href="#创 [...]
const community = document.querySelector("a[href='#community']").parentNode;
const communityMenu =
'<li>' +
diff --git a/content/docs/zh-CN/next/security-tls-authentication/index.html b/content/docs/zh-CN/next/security-tls-authentication/index.html
index 43ee0d9..f1d35fa 100644
--- a/content/docs/zh-CN/next/security-tls-authentication/index.html
+++ b/content/docs/zh-CN/next/security-tls-authentication/index.html
@@ -92,22 +92,38 @@
<pre><code class="hljs css language-bash">$ openssl req -config openssl.cnf \
-key admin.key.pem -new -sha256 -out admin.csr.pem
</code></pre>
+<blockquote>
+<p>Note If there is no openssl.cnf, please read <a href="http://pulsar.apache.org/docs/en/security-tls-transport/#certificate-authority">Certificate authority</a> to get the openssl.cnf.</p>
+</blockquote>
<p>Sign with request with the certificate authority. Note that that client certs uses the <strong>usr_cert</strong> extension, which allows the cert to be used for client authentication.</p>
<pre><code class="hljs css language-bash">$ openssl ca -config openssl.cnf -extensions usr_cert \
-days 1000 -notext -md sha256 \
-<span class="hljs-keyword">in</span> admin.csr.pem -out admin.cert.pem
</code></pre>
<p>This will give you a cert, <code>admin.cert.pem</code>, and a key, <code>admin.key-pk8.pem</code>, which, with <code>ca.cert.pem</code>, can be used by clients to authenticate themselves to brokers and proxies as the role token <code>admin</code>.</p>
-<h2><a class="anchor" aria-hidden="true" id="开启tls认证"></a><a href="#开启tls认证" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1- [...]
-<h3><a class="anchor" aria-hidden="true" id="on-brokers"></a><a href="#on-brokers" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1 [...]
-<p>To configure brokers to authenticate clients, put the following in <code>broker.conf</code>, alongside <a href="/docs/zh-CN/next/security-tls-transport#broker-configuration">the configuration to enable tls transport</a>:</p>
-<pre><code class="hljs css language-properties"><span class="hljs-comment"># Configuration to enable authentication</span>
-<span class="hljs-attr">authenticationEnabled</span>=<span class="hljs-string">true</span>
-<span class="hljs-attr">authenticationProviders</span>=<span class="hljs-string">org.apache.pulsar.broker.authentication.AuthenticationProviderTls</span>
-</code></pre>
+<blockquote>
+<p>Note If got "unable to load CA private key" error and the reason is "No such file or directory: /etc/pki/CA/private/cakey.pem" in this step. Please try :</p>
+<pre><code class="hljs css language-bash"></code></pre>
+</blockquote>
+<p>$ cd /etc/pki/tls/misc/CA
+$ ./CA -newca</p>
+<pre><code class="hljs">
+to generate <span class="hljs-code">`cakey.pem`</span> .
+
+<span class="hljs-section">## 开启TLS认证</span>
+
+<span class="hljs-section">### ... on Brokers</span>
+
+To configure brokers to authenticate clients, put the following in <span class="hljs-code">`broker.conf`</span>, alongside [<span class="hljs-string">the configuration to enable tls transport</span>](<span class="hljs-link">security-tls-transport.md#broker-configuration</span>):
+
+<span class="hljs-code">```properties
+# Configuration to enable authentication
+authenticationEnabled=true
+authenticationProviders=org.apache.pulsar.broker.authentication.AuthenticationProviderTls
+</span></code></pre>
<h3><a class="anchor" aria-hidden="true" id="on-proxies"></a><a href="#on-proxies" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1 [...]
-<p>To configure proxies to authenticate clients, put the folling in <code>proxy.conf</code>, alongside <a href="/docs/zh-CN/next/security-tls-transport#proxy-configuration">the configuration to enable tls transport</a>:</p>
-<p>The proxy should have its own client key pair for connecting to brokers. The role token for this key pair should be configured in the <code>proxyRoles</code> of the brokers. See the <a href="/docs/zh-CN/next/security-authorization">authorization guide</a> for more details.</p>
+<p>To configure proxies to authenticate clients, put the folling in <code>proxy.conf</code>, alongside <a href="security-tls-transport.md#proxy-configuration">the configuration to enable tls transport</a>:</p>
+<p>The proxy should have its own client key pair for connecting to brokers. The role token for this key pair should be configured in the <code>proxyRoles</code> of the brokers. See the <a href="security-authorization.md">authorization guide</a> for more details.</p>
<pre><code class="hljs css language-properties"><span class="hljs-comment"># For clients connecting to the proxy</span>
<span class="hljs-attr">authenticationEnabled</span>=<span class="hljs-string">true</span>
<span class="hljs-attr">authenticationProviders</span>=<span class="hljs-string">org.apache.pulsar.broker.authentication.AuthenticationProviderTls</span>
@@ -119,7 +135,7 @@
<h2><a class="anchor" aria-hidden="true" id="客户端配置"></a><a href="#客户端配置" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09 [...]
<p>When TLS authentication, the client needs to connect via TLS transport, so you need to configure the client to use <code>https://</code> and port 8443 for the web service URL, and <code>pulsar+ssl://</code> and port 6651 for the broker service URL.</p>
<h3><a class="anchor" aria-hidden="true" id="命令行工具"></a><a href="#命令行工具" aria-hidden="true" class="hash-link"><svg class="hash-link-icon" aria-hidden="true" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09 [...]
-<p><a href="/docs/zh-CN/next/reference-cli-tools">Command-line tools</a> like <a href="/docs/zh-CN/next/pulsar-admin"><code>pulsar-admin</code></a>, <a href="/docs/zh-CN/next/reference-cli-tools#pulsar-perf"><code>pulsar-perf</code></a>, and <a href="/docs/zh-CN/next/reference-cli-tools#pulsar-client"><code>pulsar-client</code></a> use the <code>conf/client.conf</code> config file in a Pulsar installation.</p>
+<p><a href="reference-cli-tools.md">Command-line tools</a> like <a href="reference-pulsar-admin.md"><code>pulsar-admin</code></a>, <a href="reference-cli-tools.md#pulsar-perf"><code>pulsar-perf</code></a>, and <a href="reference-cli-tools.md#pulsar-client"><code>pulsar-client</code></a> use the <code>conf/client.conf</code> config file in a Pulsar installation.</p>
<p>You'll need to add the following parameters to that file to use TLS authentication with Pulsar's CLI tools:</p>
<pre><code class="hljs css language-properties"><span class="hljs-attr">webServiceUrl</span>=<span class="hljs-string">https://broker.example.com:8443/</span>
<span class="hljs-attr">brokerServiceUrl</span>=<span class="hljs-string">pulsar+ssl://broker.example.com:6651/</span>
@@ -163,7 +179,7 @@ config.setAuth(auth);
pulsar::<span class="hljs-function">Client <span class="hljs-title">client</span><span class="hljs-params">(<span class="hljs-string">"pulsar+ssl://broker.example.com:6651/"</span>, config)</span></span>;
</code></pre>
-</span></div></article></div><div class="docs-prevnext"><a class="docs-prev button" href="/docs/zh-CN/next/security-tls-transport"><span class="arrow-prev">← </span><span>使用TLS进行传输加密</span></a><a class="docs-next button" href="/docs/zh-CN/next/security-token-client"><span>Client Authentication using tokens</span><span class="arrow-next"> →</span></a></div></div></div><nav class="onPageNav"><ul class="toc-headings"><li><a href="#tls认证概述">TLS认证概述</a><ul class="toc-headings"><li><a href="#创 [...]
+</span></div></article></div><div class="docs-prevnext"><a class="docs-prev button" href="/docs/zh-CN/next/security-tls-transport"><span class="arrow-prev">← </span><span>使用TLS进行传输加密</span></a><a class="docs-next button" href="/docs/zh-CN/next/security-token-client"><span>Client Authentication using tokens</span><span class="arrow-next"> →</span></a></div></div></div><nav class="onPageNav"><ul class="toc-headings"><li><a href="#tls认证概述">TLS认证概述</a><ul class="toc-headings"><li><a href="#创 [...]
const community = document.querySelector("a[href='#community']").parentNode;
const communityMenu =
'<li>' +
diff --git a/content/swagger/swagger.json b/content/swagger/swagger.json
index 4df2077..90b17fa 100644
--- a/content/swagger/swagger.json
+++ b/content/swagger/swagger.json
@@ -7258,23 +7258,15 @@
"type" : "number",
"format" : "double"
},
- "overLoaded" : {
+ "underLoaded" : {
"type" : "boolean"
},
- "underLoaded" : {
+ "overLoaded" : {
"type" : "boolean"
},
"loadReportType" : {
"type" : "string"
},
- "msgThroughputIn" : {
- "type" : "number",
- "format" : "double"
- },
- "msgThroughputOut" : {
- "type" : "number",
- "format" : "double"
- },
"memory" : {
"$ref" : "#/definitions/ResourceUsage"
},
@@ -7291,6 +7283,14 @@
"type" : "integer",
"format" : "int64"
},
+ "msgThroughputIn" : {
+ "type" : "number",
+ "format" : "double"
+ },
+ "msgThroughputOut" : {
+ "type" : "number",
+ "format" : "double"
+ },
"cpu" : {
"$ref" : "#/definitions/ResourceUsage"
}
@@ -7452,10 +7452,10 @@
"type" : "number",
"format" : "double"
},
- "producerName" : {
+ "connectedSince" : {
"type" : "string"
},
- "connectedSince" : {
+ "producerName" : {
"type" : "string"
},
"clientVersion" : {
@@ -8182,10 +8182,10 @@
"type" : "string"
}
},
- "producerName" : {
+ "connectedSince" : {
"type" : "string"
},
- "connectedSince" : {
+ "producerName" : {
"type" : "string"
},
"clientVersion" : {
@@ -8290,11 +8290,11 @@
"ResourceUnit" : {
"type" : "object",
"properties" : {
- "availableResource" : {
- "$ref" : "#/definitions/ResourceDescription"
- },
"resourceId" : {
"type" : "string"
+ },
+ "availableResource" : {
+ "$ref" : "#/definitions/ResourceDescription"
}
}
},
diff --git a/content/swagger/swaggerfunctions.json b/content/swagger/swaggerfunctions.json
index 21579a6..586c0ac 100644
--- a/content/swagger/swaggerfunctions.json
+++ b/content/swagger/swaggerfunctions.json
@@ -1185,6 +1185,24 @@
"Message" : {
"type" : "object",
"properties" : {
+ "producerName" : {
+ "type" : "string"
+ },
+ "publishTime" : {
+ "type" : "integer",
+ "format" : "int64"
+ },
+ "eventTime" : {
+ "type" : "integer",
+ "format" : "int64"
+ },
+ "topicName" : {
+ "type" : "string"
+ },
+ "redeliveryCount" : {
+ "type" : "integer",
+ "format" : "int32"
+ },
"orderingKey" : {
"type" : "array",
"items" : {
@@ -1195,10 +1213,6 @@
"encryptionCtx" : {
"$ref" : "#/definitions/EncryptionContext"
},
- "redeliveryCount" : {
- "type" : "integer",
- "format" : "int32"
- },
"schemaVersion" : {
"type" : "array",
"items" : {
@@ -1206,27 +1220,9 @@
"format" : "byte"
}
},
- "publishTime" : {
- "type" : "integer",
- "format" : "int64"
- },
- "eventTime" : {
- "type" : "integer",
- "format" : "int64"
- },
- "topicName" : {
- "type" : "string"
- },
"messageId" : {
"$ref" : "#/definitions/MessageId"
},
- "sequenceId" : {
- "type" : "integer",
- "format" : "int64"
- },
- "producerName" : {
- "type" : "string"
- },
"keyBytes" : {
"type" : "array",
"items" : {
@@ -1234,6 +1230,10 @@
"format" : "byte"
}
},
+ "sequenceId" : {
+ "type" : "integer",
+ "format" : "int64"
+ },
"data" : {
"type" : "array",
"items" : {