You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@flink.apache.org by "Igal Shilman (Jira)" <ji...@apache.org> on 2022/01/28 12:12:00 UTC
[jira] [Commented] (FLINK-25866) Support additional TLS configuration.
[ https://issues.apache.org/jira/browse/FLINK-25866?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17483742#comment-17483742 ]
Igal Shilman commented on FLINK-25866:
--------------------------------------
I was thinking about something like this:
{code:java}
kind: io.statefun.endpoints.v2/http
spec:
functions: greeter.fns/*
urlPathTemplate: http://greeter-functions:1108/
transport:
type: io.statefun.transports.v1/async
trust_cacerts: /path/to/cacerts
auth_key: /path/to/mounted_secretes/key.pem
auth_certs: /path/to/client_cert.pem
{code}
> Support additional TLS configuration.
> -------------------------------------
>
> Key: FLINK-25866
> URL: https://issues.apache.org/jira/browse/FLINK-25866
> Project: Flink
> Issue Type: Improvement
> Components: Stateful Functions
> Reporter: Igal Shilman
> Priority: Major
>
> Currently the default HTTP client used to invoke remote functions does not support customising the TLS settings as part of the endpoint spec definition. This includes
> using self-signed certificates, and providing client side certificates for authentication (which is a slightly different requirement).
> This issue is about including additional TLS settings to the default endpoint resource definition, and supporting them in statefun-core.
> User mailing list threads:
> * [client cert auth in remote function|https://lists.apache.org/thread/97nw245kxqp32qglwfynhhgyhgp2pxvg]
> * [endpoint self-signed certificate problem|https://lists.apache.org/thread/y2m2bpwg4n71rxfont6pgky2t8m19n7w]
>
>
>
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)