[DSIP-76] Support ssl in netty #16673
Conversation
xdu-chenrj
requested review from
songjianet,
SbloodyS,
ruanwenjun and
caishunfeng
as code owners
SbloodyS
changed the title
|
I think you miss the code of master-server .The task of other system sholud call other system in master-server . |
wangxj3
changed the title
I will complete it later |
Is it adding UT, testing functions in the class? |
UT and these tests are different types of tests. You can find the corresponding examples in the following links. |
Thank you |
okay, I will do it |
|
| @@ -200,4 +200,4 @@ jobs: | |||
| if [[ ${{ needs.e2e.result }} != 'success' ]]; then | |||
| echo "E2E Failed!" | |||
| exit -1 | |||
| fi | |||
| fi | |||
There was a problem hiding this comment.
Please revert these unrelated changes, this can help the reviewer have a better review.
| To enable SLL authentication, you have two things to do. Firstly, you need to generate `cert.crt` and `private.pem` files. | ||
|
|
||
| Step 1: Generate private key (private.pem) | ||
|
|
||
| Open the terminal and run the following command to generate a private key: | ||
|
|
||
| ```bash | ||
| openssl genpkey -algorithm RSA -out private.pem -pkeyopt rsa_keygen_bits:2048 | ||
| ``` | ||
|
|
||
| This command will generate a 2048 bit RSA private key and save it as a private.pem file. | ||
|
|
||
| Step 2: Generate Certificate Signing Request (CSR) | ||
|
|
||
| Before generating a certificate, you need to generate a Certificate Signing Request (CSR). Run the following command: | ||
|
|
||
| ```bash | ||
| openssl req -new -key private.pem -out request.csr | ||
| ``` | ||
|
|
||
| This command will prompt you to enter some information, such as country, state/province, organization name, etc. The information you input will be embedded into the generated certificate. | ||
|
|
||
| Step 3: Generate a self signed certificate (cert.crt) | ||
|
|
||
| Use CSR to generate self signed certificates. Run the following command: | ||
|
|
||
| ```bash | ||
| openssl x509 -req -days 365 -in request.csr -signkey private.pem -out cert.crt | ||
| ``` | ||
|
|
There was a problem hiding this comment.
We don't need to address how to generate cert.crt and private.pem.
| RegistryConfiguration.class, | ||
| NettySslConfig.class}) |
| @Data | ||
| public class NettyRpcConfig { | ||
|
|
||
| private NettySslConfig nettySslConfig; |
There was a problem hiding this comment.
| private NettySslConfig nettySslConfig; | |
| private NettySslConfig nettySslConfig = new NettySslConfig(); |
| @Data | ||
| public class NettySslConfig { | ||
|
|
||
| public boolean enabled; |
There was a problem hiding this comment.
| public boolean enabled; | |
| public boolean enabled = false; |
close #16688