You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@logging.apache.org by "Frank Swanson (JIRA)" <ji...@apache.org> on 2017/11/09 17:34:00 UTC

[jira] [Commented] (LOG4J2-2072) Support TLS configuration through FlumeAppender

    [ https://issues.apache.org/jira/browse/LOG4J2-2072?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16246119#comment-16246119 ] 

Frank Swanson commented on LOG4J2-2072:
---------------------------------------

Thank you for the links, Much appreciated. I think this does make sense for the product as it evolves. While I understand and absolutely agree with the desire to update the interface. That is not related to the issue that this ticket exposes which is that this tool does not support SSL therefore rendering this essentially unusable in production. This issue is easily resolved with the approach mentioned in my initial statement. 

Given all these valid points, I think what makes the most sense and is something I would be willing to do is: open a ticket to update the interface and also take that ticket on once we have completed getting the tool with its current interface to able to work with ssl simply by passing the properties through and proving this works with unit tests similar to what is there today in the non-ssl context.

> Support TLS configuration through FlumeAppender
> -----------------------------------------------
>
>                 Key: LOG4J2-2072
>                 URL: https://issues.apache.org/jira/browse/LOG4J2-2072
>             Project: Log4j 2
>          Issue Type: Bug
>          Components: Flume Appender
>    Affects Versions: 2.9.1
>            Reporter: Frank Swanson
>
> When using the FlumeAppnder with a FlumeAvroManager it would be nice to be able to pass some properties through to the connect method for the RpcClient to support SSL configuration.
> The required properties to support the configuration are ~
>             properties[0] = Property.createProperty(RpcClientConfigurationConstants.CONFIG_TRUST_ALL_CERTS, "false");
>             properties[1] = Property.createProperty(RpcClientConfigurationConstants.CONFIG_SSL, "true");
>             properties[2] = Property.createProperty(RpcClientConfigurationConstants.CONFIG_TRUSTSTORE, path_to_truststore);
>             properties[3] = Property.createProperty(RpcClientConfigurationConstants.CONFIG_TRUSTSTORE_PASSWORD, super_secret);
>             properties[4] = Property.createProperty(RpcClientConfigurationConstants.CONFIG_TRUSTSTORE_TYPE, "JKS");
> I am happy to provide a PR for this feature if supported. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)