You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@geode.apache.org by GitBox <gi...@apache.org> on 2021/03/16 21:09:12 UTC

[GitHub] [geode] aaronlindsey edited a comment on pull request #6106: GEODE-9017: Reload key and trust store upon change

aaronlindsey edited a comment on pull request #6106:
URL: https://github.com/apache/geode/pull/6106#issuecomment-800604696


   The latest commit makes a subtle change to `SSLUtil.createAndConfigureSSLContext`. It removes some code duplication by adding a single implementation for loading the key/trust managers instead of one implementation in `SocketCreator` and another implementation in `SSLUtil`. This was necessary because otherwise we would create multiple file watches for the same file which would lead to confusing logs and behavior. The SocketCreator implementation is chosen because it handles passwords provided by env var, encrypted passwords, and having the key/trust store file located in the user's home directory. However, this means that now SSLUtil will behave the same way as SocketCreator (whereas previously SSLUtil did not handle env var passwords, encrypted passwords, or home directory key/trust store file).
   
   I'm requesting a re-review from codeowners of the relevant files since it was a non-trivial change.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org