(rocketmq) branch develop updated: refactor(proxy): Make TLS certificate watch interval configurable (#9513)

[lollipop]

This is an automated email from the ASF dual-hosted git repository.

lollipop pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/rocketmq.git


The following commit(s) were added to refs/heads/develop by this push:
     new c3c4101b4c refactor(proxy): Make TLS certificate watch interval 
configurable (#9513)
c3c4101b4c is described below

commit c3c4101b4cd6d175436a1bf44629a4d53955ea0f
Author: EnableAsync <43645467+enableas...@users.noreply.github.com>
AuthorDate: Wed Jul 2 09:59:51 2025 +0800

    refactor(proxy): Make TLS certificate watch interval configurable (#9513)
    
    refactor(proxy): Make TLS certificate watch interval configurable
---
 .../main/java/org/apache/rocketmq/proxy/config/ProxyConfig.java  | 9 +++++++++
 .../rocketmq/proxy/service/cert/TlsCertificateManager.java       | 5 +++--
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git 
a/proxy/src/main/java/org/apache/rocketmq/proxy/config/ProxyConfig.java 
b/proxy/src/main/java/org/apache/rocketmq/proxy/config/ProxyConfig.java
index e3e60b76bb..a99b0afc35 100644
--- a/proxy/src/main/java/org/apache/rocketmq/proxy/config/ProxyConfig.java
+++ b/proxy/src/main/java/org/apache/rocketmq/proxy/config/ProxyConfig.java
@@ -83,6 +83,7 @@ public class ProxyConfig implements ConfigFile {
     private boolean tlsTestModeEnable = true;
     private String tlsKeyPath = ConfigurationManager.getProxyHome() + 
"/conf/tls/rocketmq.key";
     private String tlsCertPath = ConfigurationManager.getProxyHome() + 
"/conf/tls/rocketmq.crt";
+    private int tlsCertWatchIntervalMs = 60 * 60 * 1000; // 1 hour
     /**
      * gRPC
      */
@@ -325,6 +326,14 @@ public class ProxyConfig implements ConfigFile {
         }
     }
 
+    public int getTlsCertWatchIntervalMs() {
+        return tlsCertWatchIntervalMs;
+    }
+
+    public void setTlsCertWatchIntervalMs(int tlsCertWatchIntervalMs) {
+        this.tlsCertWatchIntervalMs = tlsCertWatchIntervalMs;
+    }
+
     public String getRocketMQClusterName() {
         return rocketMQClusterName;
     }
diff --git 
a/proxy/src/main/java/org/apache/rocketmq/proxy/service/cert/TlsCertificateManager.java
 
b/proxy/src/main/java/org/apache/rocketmq/proxy/service/cert/TlsCertificateManager.java
index 0e6f43baa3..2ab4f31b6e 100644
--- 
a/proxy/src/main/java/org/apache/rocketmq/proxy/service/cert/TlsCertificateManager.java
+++ 
b/proxy/src/main/java/org/apache/rocketmq/proxy/service/cert/TlsCertificateManager.java
@@ -15,6 +15,7 @@
  * limitations under the License.
  */
 package org.apache.rocketmq.proxy.service.cert;
+
 import org.apache.rocketmq.common.constant.LoggerName;
 import org.apache.rocketmq.common.utils.StartAndShutdown;
 import org.apache.rocketmq.logging.org.slf4j.Logger;
@@ -39,7 +40,7 @@ public class TlsCertificateManager implements 
StartAndShutdown {
                     ConfigurationManager.getProxyConfig().getTlsKeyPath()
                 },
                 new CertKeyFileWatchListener(),
-                60 * 60 * 1000 /* 1 hour */
+                
ConfigurationManager.getProxyConfig().getTlsCertWatchIntervalMs()
             );
         } catch (Exception e) {
             log.error("Failed to initialize TLS certificate watch service", e);
@@ -107,7 +108,7 @@ public class TlsCertificateManager implements 
StartAndShutdown {
             for (TlsContextReloadListener listener : reloadListeners) {
                 try {
                     listener.onTlsContextReload();
-                } catch (Exception e) {
+                } catch (Throwable e) {
                     log.error("Failed to notify TLS context reload to 
listener: " + listener, e);
                 }
             }