qiuyanjun888 commented on PR #28532:
URL: https://github.com/apache/flink/pull/28532#issuecomment-4881019249

   Thanks for the review. Updated in `92ef4dd9b9`:
   
   - Moved REST `.clientAuth(clientAuth)` out of the common builder chain and 
now apply it only on the server-side builder when client authentication is 
enabled.
   - Added DEBUG logging for internal/REST SSL settings, including provider, 
mode, client auth, protocols, cipher suites, and internal session settings.
   - Added DEBUG logging for RPC/Pekko SSL settings, including enablement, 
protocol, algorithms, key/trust store configured flags and types, 
cert-fingerprint configured flag, mutual auth, and SSL engine provider.
   - The new logs do not include passwords or secret material.
   
   Verified locally:
   
   - `git diff --check`
   - `JAVA_HOME=/opt/data/tools/jdk-17 ./mvnw -pl flink-runtime 
-Dtest=SSLUtilsTest test`
   - `JAVA_HOME=/opt/data/tools/jdk-17 ./mvnw -pl flink-rpc/flink-rpc-akka 
-Dtest=PekkoUtilsTest test`


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to