diff options
author | Øyvind Grønnesby <oyving@verizonmedia.com> | 2019-08-12 16:36:14 +0200 |
---|---|---|
committer | Øyvind Grønnesby <oyving@verizonmedia.com> | 2019-08-12 16:39:26 +0200 |
commit | b3d356dcfa20bee655e4e95531f82268c68c32d1 (patch) | |
tree | d2bb31565f0ecaf1d47091c832a75efe2f82723f /jdisc_http_service | |
parent | 8f72e05f6454f75da6130b94e6fc2912ce1cdd4b (diff) |
Add the CA certificates to configuration and read it from application package
Diffstat (limited to 'jdisc_http_service')
-rw-r--r-- | jdisc_http_service/abi-spec.json | 2 | ||||
-rw-r--r-- | jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def | 7 |
2 files changed, 9 insertions, 0 deletions
diff --git a/jdisc_http_service/abi-spec.json b/jdisc_http_service/abi-spec.json index f915dc1e8c1..b06250c4593 100644 --- a/jdisc_http_service/abi-spec.json +++ b/jdisc_http_service/abi-spec.json @@ -82,6 +82,7 @@ "public com.yahoo.jdisc.http.ConnectorConfig$Ssl$Builder certificateFile(java.lang.String)", "public com.yahoo.jdisc.http.ConnectorConfig$Ssl$Builder certificate(java.lang.String)", "public com.yahoo.jdisc.http.ConnectorConfig$Ssl$Builder caCertificateFile(java.lang.String)", + "public com.yahoo.jdisc.http.ConnectorConfig$Ssl$Builder caCertificate(java.lang.String)", "public com.yahoo.jdisc.http.ConnectorConfig$Ssl$Builder clientAuth(com.yahoo.jdisc.http.ConnectorConfig$Ssl$ClientAuth$Enum)", "public com.yahoo.jdisc.http.ConnectorConfig$Ssl build()" ], @@ -137,6 +138,7 @@ "public java.lang.String certificateFile()", "public java.lang.String certificate()", "public java.lang.String caCertificateFile()", + "public java.lang.String caCertificate()", "public com.yahoo.jdisc.http.ConnectorConfig$Ssl$ClientAuth$Enum clientAuth()" ], "fields": [] diff --git a/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def b/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def index c6c6fad345b..9b6fb5401e2 100644 --- a/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def +++ b/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def @@ -69,7 +69,14 @@ ssl.certificateFile string default="" ssl.certificate string default="" # with trusted CA certificates in PEM format. Used to verify clients +# - this is the name of a file on the local container file system +# - only one of caCertificateFile and caCertificate ssl.caCertificateFile string default="" +# with trusted CA certificates in PEM format. Used to verify clients +# - this is the actual certificates instead of a pointer to the file +# - only one of caCertificateFile and caCertificate +ssl.caCertificate string default="" + # Client authentication mode. See SSLEngine.getNeedClientAuth()/getWantClientAuth() for details. ssl.clientAuth enum { DISABLED, WANT_AUTH, NEED_AUTH } default=DISABLED |