lizhimins commented on code in PR #9483:
URL: https://github.com/apache/rocketmq/pull/9483#discussion_r2167960783
##########
proxy/src/main/java/org/apache/rocketmq/proxy/grpc/ProxyAndTlsProtocolNegotiator.java:
##########
@@ -90,35 +103,36 @@ public ChannelHandler
newHandler(GrpcHttp2ConnectionHandler grpcHandler) {
public void close() {
}
- private static SslContext loadSslContext() {
- try {
- ProxyConfig proxyConfig = ConfigurationManager.getProxyConfig();
- if (proxyConfig.isTlsTestModeEnable()) {
- SelfSignedCertificate selfSignedCertificate = new
SelfSignedCertificate();
- return
GrpcSslContexts.forServer(selfSignedCertificate.certificate(),
- selfSignedCertificate.privateKey())
+ public static void loadSslContext() throws CertificateException,
IOException {
+ ProxyConfig proxyConfig = ConfigurationManager.getProxyConfig();
+ SslProvider provider;
+ if (OpenSsl.isAvailable()) {
+ provider = SslProvider.OPENSSL;
+ log.info("Using OpenSSL provider");
+ } else {
+ provider = SslProvider.JDK;
+ log.info("Using JDK SSL provider");
+ }
+ if (proxyConfig.isTlsTestModeEnable()) {
+ SelfSignedCertificate selfSignedCertificate = new
SelfSignedCertificate();
+ sslContext =
GrpcSslContexts.forServer(selfSignedCertificate.certificate(),
selfSignedCertificate.privateKey())
+ .sslProvider(provider)
+ .trustManager(InsecureTrustManagerFactory.INSTANCE)
+ .clientAuth(ClientAuth.NONE)
+ .build();
+ } else {
+ String tlsCertPath =
ConfigurationManager.getProxyConfig().getTlsCertPath();
+ String tlsKeyPath =
ConfigurationManager.getProxyConfig().getTlsKeyPath();
+ try (InputStream serverKeyInputStream = Files.newInputStream(
Review Comment:
format strange
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
