diff options
author | Harald Musum <musum@verizonmedia.com> | 2021-03-10 14:58:47 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-03-10 14:58:47 +0100 |
commit | 4612c2ff57741008812473bd1d703d2a16212d17 (patch) | |
tree | ab0eb1c12c4f09ff17a27344de837c66b585a1b1 /zkfacade | |
parent | 2931b2781b2418186d5f05e8e286414f0a74a32a (diff) |
Revert "Specify TLS configuration when enabling secure ZK client"
Diffstat (limited to 'zkfacade')
-rw-r--r-- | zkfacade/src/main/java/com/yahoo/vespa/curator/Curator.java | 11 |
1 files changed, 2 insertions, 9 deletions
diff --git a/zkfacade/src/main/java/com/yahoo/vespa/curator/Curator.java b/zkfacade/src/main/java/com/yahoo/vespa/curator/Curator.java index 4cbb6c95cb4..adfd9bd051f 100644 --- a/zkfacade/src/main/java/com/yahoo/vespa/curator/Curator.java +++ b/zkfacade/src/main/java/com/yahoo/vespa/curator/Curator.java @@ -10,7 +10,6 @@ import com.yahoo.text.Utf8; import com.yahoo.vespa.curator.api.VespaCurator; import com.yahoo.vespa.curator.recipes.CuratorCounter; import com.yahoo.vespa.defaults.Defaults; -import com.yahoo.vespa.zookeeper.VespaSslContextProvider; import com.yahoo.vespa.zookeeper.VespaZooKeeperServer; import org.apache.curator.RetryPolicy; import org.apache.curator.framework.CuratorFramework; @@ -125,15 +124,9 @@ public class Curator implements VespaCurator, AutoCloseable { private static ZKClientConfig createClientConfig(Optional<File> clientConfigFile) { if (clientConfigFile.isPresent()) { boolean useSecureClient = Boolean.parseBoolean(getEnvironmentVariable("VESPA_USE_TLS_FOR_ZOOKEEPER_CLIENT").orElse("false")); - StringBuilder configBuilder = new StringBuilder("zookeeper.client.secure=").append(useSecureClient).append("\n"); - if (useSecureClient) { - configBuilder.append("zookeeper.ssl.context.supplier.class=").append(VespaSslContextProvider.class.getName()).append("\n") - .append("zookeeper.ssl.enabledProtocols=").append(VespaSslContextProvider.enabledTlsProtocolConfigValue()).append("\n") - .append("zookeeper.ssl.ciphersuites=").append(VespaSslContextProvider.enabledTlsCiphersConfigValue()).append("\n") - .append("zookeeper.ssl.clientAuth=NEED\n"); - } + String config = "zookeeper.client.secure=" + useSecureClient + "\n"; clientConfigFile.get().getParentFile().mkdirs(); - IOUtils.writeFile(clientConfigFile.get(), Utf8.toBytes(configBuilder.toString())); + IOUtils.writeFile(clientConfigFile.get(), Utf8.toBytes(config)); try { return new ZKClientConfig(clientConfigFile.get()); } catch (QuorumPeerConfig.ConfigException e) { |