diff options
| author | Øyvind Grønnesby <oyving@verizonmedia.com> | 2019-08-14 14:46:50 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-08-14 14:46:50 +0200 |
| commit | 73757bb8992ce337cb26640834f928577fe9125a (patch) | |
| tree | 6341e9bf8d230a41e76781993e452648b1da8762 /jdisc_http_service | |
| parent | 0a4669d973810e02fd7a6be10b5a1ee03142d5b4 (diff) | |
| parent | 6db214234310b8e2841d964c610cf5dcf01b747b (diff) | |
Merge pull request #10238 from vespa-engine/ogronnesby/propagate-ca-in-config
Add the CA certificates to configuration and read it from app package
Diffstat (limited to 'jdisc_http_service')
| -rw-r--r-- | jdisc_http_service/abi-spec.json | 2 | ||||
| -rw-r--r-- | jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def | 7 |
2 files changed, 9 insertions, 0 deletions
diff --git a/jdisc_http_service/abi-spec.json b/jdisc_http_service/abi-spec.json index 6f41c4ced06..6e04ba741e6 100644 --- a/jdisc_http_service/abi-spec.json +++ b/jdisc_http_service/abi-spec.json @@ -84,6 +84,7 @@ "public com.yahoo.jdisc.http.ConnectorConfig$Ssl$Builder certificateFile(java.lang.String)", "public com.yahoo.jdisc.http.ConnectorConfig$Ssl$Builder certificate(java.lang.String)", "public com.yahoo.jdisc.http.ConnectorConfig$Ssl$Builder caCertificateFile(java.lang.String)", + "public com.yahoo.jdisc.http.ConnectorConfig$Ssl$Builder caCertificate(java.lang.String)", "public com.yahoo.jdisc.http.ConnectorConfig$Ssl$Builder clientAuth(com.yahoo.jdisc.http.ConnectorConfig$Ssl$ClientAuth$Enum)", "public com.yahoo.jdisc.http.ConnectorConfig$Ssl build()" ], @@ -139,6 +140,7 @@ "public java.lang.String certificateFile()", "public java.lang.String certificate()", "public java.lang.String caCertificateFile()", + "public java.lang.String caCertificate()", "public com.yahoo.jdisc.http.ConnectorConfig$Ssl$ClientAuth$Enum clientAuth()" ], "fields": [] diff --git a/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def b/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def index c6de875417c..f02a0d7b4a3 100644 --- a/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def +++ b/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def @@ -69,8 +69,15 @@ ssl.certificateFile string default="" ssl.certificate string default="" # with trusted CA certificates in PEM format. Used to verify clients +# - this is the name of a file on the local container file system +# - only one of caCertificateFile and caCertificate ssl.caCertificateFile string default="" +# with trusted CA certificates in PEM format. Used to verify clients +# - this is the actual certificates instead of a pointer to the file +# - only one of caCertificateFile and caCertificate +ssl.caCertificate string default="" + # Client authentication mode. See SSLEngine.getNeedClientAuth()/getWantClientAuth() for details. ssl.clientAuth enum { DISABLED, WANT_AUTH, NEED_AUTH } default=DISABLED |