You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@rocketmq.apache.org by yu...@apache.org on 2017/12/01 11:52:44 UTC
[rocketmq] branch develop updated: [ROCKETMQ-315] Enhance TLS
default settings
This is an automated email from the ASF dual-hosted git repository.
yukon pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/rocketmq.git
The following commit(s) were added to refs/heads/develop by this push:
new 5a2e710 [ROCKETMQ-315] Enhance TLS default settings
5a2e710 is described below
commit 5a2e71098793be75cc5b2c8984e99ad3651eba40
Author: shutian.lzh <sh...@alibaba-inc.com>
AuthorDate: Fri Dec 1 19:52:30 2017 +0800
[ROCKETMQ-315] Enhance TLS default settings
Author: shutian.lzh <sh...@alibaba-inc.com>
Closes #194 from lizhanhui/tls_enhance_defaults.
---
broker/src/main/java/org/apache/rocketmq/broker/BrokerStartup.java | 2 +-
.../main/java/org/apache/rocketmq/remoting/netty/NettySystemConfig.java | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/broker/src/main/java/org/apache/rocketmq/broker/BrokerStartup.java b/broker/src/main/java/org/apache/rocketmq/broker/BrokerStartup.java
index e9237b6..a066652 100644
--- a/broker/src/main/java/org/apache/rocketmq/broker/BrokerStartup.java
+++ b/broker/src/main/java/org/apache/rocketmq/broker/BrokerStartup.java
@@ -98,7 +98,7 @@ public class BrokerStartup {
final BrokerConfig brokerConfig = new BrokerConfig();
final NettyServerConfig nettyServerConfig = new NettyServerConfig();
final NettyClientConfig nettyClientConfig = new NettyClientConfig();
- nettyClientConfig.setUseTLS(NettySystemConfig.sslMode != SslMode.DISABLED);
+ nettyClientConfig.setUseTLS(NettySystemConfig.sslMode == SslMode.ENFORCING);
nettyServerConfig.setListenPort(10911);
final MessageStoreConfig messageStoreConfig = new MessageStoreConfig();
diff --git a/remoting/src/main/java/org/apache/rocketmq/remoting/netty/NettySystemConfig.java b/remoting/src/main/java/org/apache/rocketmq/remoting/netty/NettySystemConfig.java
index 28a7f27..b9c1f3f 100644
--- a/remoting/src/main/java/org/apache/rocketmq/remoting/netty/NettySystemConfig.java
+++ b/remoting/src/main/java/org/apache/rocketmq/remoting/netty/NettySystemConfig.java
@@ -57,7 +57,7 @@ public class NettySystemConfig {
* </ol>
*/
public static SslMode sslMode = //
- SslMode.parse(System.getProperty(ORG_APACHE_ROCKETMQ_REMOTING_SSL_MODE, "disabled"));
+ SslMode.parse(System.getProperty(ORG_APACHE_ROCKETMQ_REMOTING_SSL_MODE, "permissive"));
public static String sslConfigFile = //
System.getProperty(ORG_APACHE_ROCKETMQ_REMOTING_SSL_CONFIG_FILE, "/etc/rocketmq/ssl.properties");
--
To stop receiving notification emails like this one, please contact
['"commits@rocketmq.apache.org" <co...@rocketmq.apache.org>'].