HBASE-25987 Make SSL keystore type configurable for HBase ThriftServer (#3367)
Signed-off-by: Wellington Chevreuil <wchevreuil@apache.com>
This commit is contained in:
parent
471e8159f0
commit
7f7a293cb5
@ -65,6 +65,10 @@ public final class Constants {
|
|||||||
"hbase.thrift.ssl.exclude.protocols";
|
"hbase.thrift.ssl.exclude.protocols";
|
||||||
public static final String THRIFT_SSL_INCLUDE_PROTOCOLS_KEY =
|
public static final String THRIFT_SSL_INCLUDE_PROTOCOLS_KEY =
|
||||||
"hbase.thrift.ssl.include.protocols";
|
"hbase.thrift.ssl.include.protocols";
|
||||||
|
public static final String THRIFT_SSL_KEYSTORE_TYPE_KEY =
|
||||||
|
"hbase.thrift.ssl.keystore.type";
|
||||||
|
public static final String THRIFT_SSL_KEYSTORE_TYPE_DEFAULT =
|
||||||
|
"jks";
|
||||||
|
|
||||||
|
|
||||||
public static final String THRIFT_SUPPORT_PROXYUSER_KEY = "hbase.thrift.support.proxyuser";
|
public static final String THRIFT_SUPPORT_PROXYUSER_KEY = "hbase.thrift.support.proxyuser";
|
||||||
|
@ -71,6 +71,8 @@ import static org.apache.hadoop.hbase.thrift.Constants.THRIFT_SSL_INCLUDE_PROTOC
|
|||||||
import static org.apache.hadoop.hbase.thrift.Constants.THRIFT_SSL_KEYSTORE_KEYPASSWORD_KEY;
|
import static org.apache.hadoop.hbase.thrift.Constants.THRIFT_SSL_KEYSTORE_KEYPASSWORD_KEY;
|
||||||
import static org.apache.hadoop.hbase.thrift.Constants.THRIFT_SSL_KEYSTORE_PASSWORD_KEY;
|
import static org.apache.hadoop.hbase.thrift.Constants.THRIFT_SSL_KEYSTORE_PASSWORD_KEY;
|
||||||
import static org.apache.hadoop.hbase.thrift.Constants.THRIFT_SSL_KEYSTORE_STORE_KEY;
|
import static org.apache.hadoop.hbase.thrift.Constants.THRIFT_SSL_KEYSTORE_STORE_KEY;
|
||||||
|
import static org.apache.hadoop.hbase.thrift.Constants.THRIFT_SSL_KEYSTORE_TYPE_DEFAULT;
|
||||||
|
import static org.apache.hadoop.hbase.thrift.Constants.THRIFT_SSL_KEYSTORE_TYPE_KEY;
|
||||||
import static org.apache.hadoop.hbase.thrift.Constants.THRIFT_SUPPORT_PROXYUSER_KEY;
|
import static org.apache.hadoop.hbase.thrift.Constants.THRIFT_SUPPORT_PROXYUSER_KEY;
|
||||||
import static org.apache.hadoop.hbase.thrift.Constants.USE_HTTP_CONF_KEY;
|
import static org.apache.hadoop.hbase.thrift.Constants.USE_HTTP_CONF_KEY;
|
||||||
|
|
||||||
@ -425,6 +427,8 @@ public class ThriftServer extends Configured implements Tool {
|
|||||||
sslCtxFactory.setKeyStorePath(keystore);
|
sslCtxFactory.setKeyStorePath(keystore);
|
||||||
sslCtxFactory.setKeyStorePassword(password);
|
sslCtxFactory.setKeyStorePassword(password);
|
||||||
sslCtxFactory.setKeyManagerPassword(keyPassword);
|
sslCtxFactory.setKeyManagerPassword(keyPassword);
|
||||||
|
sslCtxFactory.setKeyStoreType(conf.get(
|
||||||
|
THRIFT_SSL_KEYSTORE_TYPE_KEY, THRIFT_SSL_KEYSTORE_TYPE_DEFAULT));
|
||||||
|
|
||||||
String[] excludeCiphers = conf.getStrings(
|
String[] excludeCiphers = conf.getStrings(
|
||||||
THRIFT_SSL_EXCLUDE_CIPHER_SUITES_KEY, ArrayUtils.EMPTY_STRING_ARRAY);
|
THRIFT_SSL_EXCLUDE_CIPHER_SUITES_KEY, ArrayUtils.EMPTY_STRING_ARRAY);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user