You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@flink.apache.org by "Igal Shilman (Jira)" <ji...@apache.org> on 2022/01/28 12:12:00 UTC

[jira] [Commented] (FLINK-25866) Support additional TLS configuration.

    [ https://issues.apache.org/jira/browse/FLINK-25866?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17483742#comment-17483742 ] 

Igal Shilman commented on FLINK-25866:
--------------------------------------

I was thinking about something like this:
{code:java}
kind: io.statefun.endpoints.v2/http
spec:
  functions: greeter.fns/*
  urlPathTemplate: http://greeter-functions:1108/
  transport:
    type: io.statefun.transports.v1/async 
    trust_cacerts: /path/to/cacerts
    auth_key: /path/to/mounted_secretes/key.pem
    auth_certs: /path/to/client_cert.pem
       {code}

> Support additional TLS configuration.
> -------------------------------------
>
>                 Key: FLINK-25866
>                 URL: https://issues.apache.org/jira/browse/FLINK-25866
>             Project: Flink
>          Issue Type: Improvement
>          Components: Stateful Functions
>            Reporter: Igal Shilman
>            Priority: Major
>
> Currently the default HTTP client used to invoke remote functions does not support customising the TLS settings as part of the endpoint spec definition. This includes
> using self-signed certificates, and providing client side certificates for authentication (which is a slightly different requirement).
> This issue is about including additional TLS settings to the default endpoint resource definition, and supporting them in statefun-core.
> User mailing list threads:
>  * [client cert auth in remote function|https://lists.apache.org/thread/97nw245kxqp32qglwfynhhgyhgp2pxvg]
>  * [endpoint self-signed certificate problem|https://lists.apache.org/thread/y2m2bpwg4n71rxfont6pgky2t8m19n7w]
>  
>  
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)