Re: [DISCUSS] PIP-158: Split client TLS transport encryption from authentication

2022-05-31 Thread Zixuan Liu
> Is it possible to deprecate the option to configure the certificates in the AuthenticationTls class? I think it should be since the certs are now configured as top level configuration, and they need only be configured once. We can't do that deprecate the option to configure the certificates in t

Re: [DISCUSS] PIP-158: Split client TLS transport encryption from authentication

2022-05-31 Thread Michael Marshall
I know it's a bit late to respond, but just want to confirm that Zixuan is correct that we cannot deprecate the `AuthenticationTls` class because we rely on that class to set the authentication mode in the pulsar protocol. That mode is then used by the ServerCnx for authentication and authorization

Re: [DISCUSS] PIP-158: Split client TLS transport encryption from authentication

2022-05-14 Thread Zixuan Liu
Hi Michael, It's not the same here. If you use AuthenticationTLS, which means you enable TLS authentication and transport. ``` PulsarClient client = PulsarClient.builder() .serviceUrl("pulsar://my-host:6651") .tlsTrustCertsFilePath("/path/to/cacert.pem") .tlsKeyFilePath("/

Re: [DISCUSS] PIP-158: Split client TLS transport encryption from authentication

2022-05-13 Thread Michael Marshall
Thanks for your responses, Zixuan. I think it might make sense to eventually deprecate the AuthenticationTLS class, if only because I think it can be confusing to give users two ways to configure the same thing. However, that is a minor detail. For now, we'll need to support both. Thanks, Michael

Re: [DISCUSS] PIP-158: Split client TLS transport encryption from authentication

2022-05-12 Thread Zixuan Liu
You can see the code in the implementation part, this will be consistent with the actual document. Zixuan Liu wrote on Thu, May 12, 2022 at 17:03: > Hi Michael, > > Thanks for your feedback! > > > I notice that the PIP doesn't > mention documentation. Since we're adding another way to configure > mTLS, pleas

Re: [DISCUSS] PIP-158: Split client TLS transport encryption from authentication

2022-05-12 Thread Zixuan Liu
Hi Michael, Thanks for your feedback! > I notice that the PIP doesn't mention documentation. Since we're adding another way to configure mTLS, please make sure to document the recommended way that users should take advantage of this feature and how this feature relates to the existing Authentica

Re: [DISCUSS] PIP-158: Split client TLS transport encryption from authentication

2022-05-11 Thread Michael Marshall
I agree that the current state of this feature is a bit confusing, and I think the proposed changes make sense. I notice that the PIP doesn't mention documentation. Since we're adding another way to configure mTLS, please make sure to document the recommended way that users should take advantage of

Re: [DISCUSS] PIP-158: Split client TLS transport encryption from authentication

2022-05-08 Thread Yunze Xu
Thanks for your clarification. Let’s continue maintaining these configs in `ClientBuilder`. Thanks, Yunze > On May 9, 2022, at 13:54, Zixuan Liu wrote: > > Hi Yunze, > > Thanks for your suggestion, your idea is great, but we have the > `tlsProtocols()` and `tlsCiphers()` in `ClientBuilder`, so I use thi

Re: [DISCUSS] PIP-158: Split client TLS transport encryption from authentication

2022-05-08 Thread Zixuan Liu
Hi Yunze, Thanks for your suggestion, your idea is great, but we have the `tlsProtocols()` and `tlsCiphers()` in `ClientBuilder`, so I use this style. Thanks, Zixuan Yunze Xu wrote on Mon, May 9, 2022 at 13:31: > It totally LGTM. I have a suggestion that it might be better to configure a > class like `TlsCo

Re: [DISCUSS] PIP-158: Split client TLS transport encryption from authentication

2022-05-08 Thread Yunze Xu
It totally LGTM. I have a suggestion that it might be better to configure a class like `TlsConfiguration` instead of multiple TLS related configs added to `ClientBuilder`. Thanks, Yunze > On April 24, 2022, at 14:15, Zixuan Liu wrote: > > Hi Pulsar community, > > I open a https://github.com/apache/pulsar/

[DISCUSS] PIP-158: Split client TLS transport encryption from authentication

2022-04-23 Thread Zixuan Liu
Hi Pulsar community, I open a https://github.com/apache/pulsar/issues/15289 for Split client TLS transport encryption from authentication. Let me know what you think. Thanks, Zixuan -- Motivation The client supports TLS transport encryption and TLS authentication; the code looks like: Puls