[
https://issues.apache.org/jira/browse/FLINK-25866?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17495524#comment-17495524
]
Fil Karnicki commented on FLINK-25866:
--------------------------------------
Hi [~igal] could you assign this Jira to me please?
Here's what I'm planning on doing:
# Create `DefaultHttpRequestReplyClient` and `NettyClient` tests that call a
dynamically spun up test netty server on a free port, which returns 200
# Append `DefaultHttpRequestReplyClientSpecTest` and create a
`DefaultHttpRequestReplyClientSpec` to include the new config values of
`trust_cacerts`, `client_certs` and `client_key`
# Append tests from (1) to include cases for client TLS (checking that a call
using a cert signed by a trusted ca succeeds, and a call using a cert signed by
someone else fails)
# Update .md files
Please let me know if you think I should change anything else. Maybe make some
of the smoke tests use mutual TLS ?
Kind regards
Fil
> Support additional TLS configuration.
> -------------------------------------
>
> Key: FLINK-25866
> URL: https://issues.apache.org/jira/browse/FLINK-25866
> Project: Flink
> Issue Type: Improvement
> Components: Stateful Functions
> Reporter: Igal Shilman
> Priority: Major
>
> Currently the default HTTP client used to invoke remote functions does not
> support customising the TLS settings as part of the endpoint spec definition.
> This includes
> using self-signed certificates, and providing client side certificates for
> authentication (which is a slightly different requirement).
> This issue is about including additional TLS settings to the default endpoint
> resource definition, and supporting them in statefun-core.
> User mailing list threads:
> * [client cert auth in remote
> function|https://lists.apache.org/thread/97nw245kxqp32qglwfynhhgyhgp2pxvg]
> * [endpoint self-signed certificate
> problem|https://lists.apache.org/thread/y2m2bpwg4n71rxfont6pgky2t8m19n7w]
>
>
>
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
