apucher commented on a change in pull request #6418:
URL: https://github.com/apache/incubator-pinot/pull/6418#discussion_r557836431
##########
File path:
pinot-controller/src/main/java/org/apache/pinot/controller/ControllerStarter.java
##########
@@ -413,10 +413,21 @@ protected void configure() {
}
});
- _adminApp.start(_listenerConfigs);
+ TlsConfig tlsDefaults = TlsUtils.extractTlsConfig(_config,
ControllerConf.CONTROLLER_TLS_PREFIX);
+
+ // install default SSL context if necessary
+ if
(CommonConstants.HTTPS_PROTOCOL.equals(_config.getProperty(ControllerConf.CONTROLLER_BROKER_PROTOCOL)))
{
+ LOGGER.info("Installing default SSL context for broker relay requests");
+ TlsConfig tlsConfig = TlsUtils.extractTlsConfig(tlsDefaults, _config,
ControllerConf.CONTROLLER_BROKER_TLS_PREFIX);
Review comment:
imo "principle of least surprise" applies here. If I create a config
pojo I wouldn't expect the side-effect of someone rewriting my ssl-factories
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org
For additional commands, e-mail: commits-h...@pinot.apache.org
