This is an automated email from the ASF dual-hosted git repository.
pjfanning pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/pekko-persistence-r2dbc.git
The following commit(s) were added to refs/heads/main by this push:
new 05c237a feat: allow client certificates for SSL connections to be
configured (#354)
05c237a is described below
commit 05c237a53c8dd7f67ac4c2cb7d8bb7a404c3d413
Author: PJ Fanning <[email protected]>
AuthorDate: Tue May 5 15:33:25 2026 +0100
feat: allow client certificates for SSL connections to be configured (#354)
Agent-Logs-Url:
https://github.com/pjfanning/incubator-pekko-persistence-r2dbc/sessions/aad16e8d-9630-4956-984e-849f44e5ea7f
Co-authored-by: copilot-swe-agent[bot]
<[email protected]>
Co-authored-by: pjfanning <[email protected]>
---
core/src/main/resources/reference.conf | 11 ++++++++++-
.../pekko/persistence/r2dbc/ConnectionFactoryProvider.scala | 9 +++++++++
.../org/apache/pekko/persistence/r2dbc/R2dbcSettings.scala | 3 +++
3 files changed, 22 insertions(+), 1 deletion(-)
diff --git a/core/src/main/resources/reference.conf
b/core/src/main/resources/reference.conf
index ba1eec8..0344382 100644
--- a/core/src/main/resources/reference.conf
+++ b/core/src/main/resources/reference.conf
@@ -174,8 +174,17 @@ pekko.persistence.r2dbc {
# tunnel - use a SSL tunnel instead of following Postgres SSL handshake
protocol
mode = ""
- # Can point to either a resource within the classpath or a file.
+ # Server root certificate. Can point to either a resource within the
classpath or a file.
root-cert = ""
+
+ # Client certificate. Can point to either a resource within the
classpath or a file.
+ cert = ""
+
+ # Key for client certificate. Can point to either a resource within the
classpath or a file.
+ key = ""
+
+ # Password for client key.
+ password = ""
}
# Initial pool size.
diff --git
a/core/src/main/scala/org/apache/pekko/persistence/r2dbc/ConnectionFactoryProvider.scala
b/core/src/main/scala/org/apache/pekko/persistence/r2dbc/ConnectionFactoryProvider.scala
index 39eeee5..8fbffbe 100644
---
a/core/src/main/scala/org/apache/pekko/persistence/r2dbc/ConnectionFactoryProvider.scala
+++
b/core/src/main/scala/org/apache/pekko/persistence/r2dbc/ConnectionFactoryProvider.scala
@@ -155,6 +155,15 @@ class ConnectionFactoryProvider(system: ActorSystem[_])
extends Extension {
if (settings.sslRootCert.nonEmpty)
builder.option(PostgresqlConnectionFactoryProvider.SSL_ROOT_CERT,
settings.sslRootCert)
+
+ if (settings.sslCert.nonEmpty)
+ builder.option(PostgresqlConnectionFactoryProvider.SSL_CERT,
settings.sslCert)
+
+ if (settings.sslKey.nonEmpty)
+ builder.option(PostgresqlConnectionFactoryProvider.SSL_KEY,
settings.sslKey)
+
+ if (settings.sslPassword.nonEmpty)
+ builder.option(PostgresqlConnectionFactoryProvider.SSL_PASSWORD,
settings.sslPassword)
}
if (settings.driver == "mysql") {
diff --git
a/core/src/main/scala/org/apache/pekko/persistence/r2dbc/R2dbcSettings.scala
b/core/src/main/scala/org/apache/pekko/persistence/r2dbc/R2dbcSettings.scala
index 674e82f..6a5d368 100644
--- a/core/src/main/scala/org/apache/pekko/persistence/r2dbc/R2dbcSettings.scala
+++ b/core/src/main/scala/org/apache/pekko/persistence/r2dbc/R2dbcSettings.scala
@@ -252,6 +252,9 @@ final class ConnectionFactorySettings(config: Config) {
val sslEnabled: Boolean = config.getBoolean("ssl.enabled")
val sslMode: String = config.getString("ssl.mode")
val sslRootCert: String = config.getString("ssl.root-cert")
+ val sslCert: String = config.getString("ssl.cert")
+ val sslKey: String = config.getString("ssl.key")
+ val sslPassword: String = config.getString("ssl.password")
val initialSize: Int = config.getInt("initial-size")
val maxSize: Int = config.getInt("max-size")
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
