Github user hanm commented on a diff in the pull request: https://github.com/apache/zookeeper/pull/184#discussion_r114086721 --- Diff: src/java/main/org/apache/zookeeper/common/ZKConfig.java --- @@ -107,14 +99,33 @@ private void init() { * this configuration. */ protected void handleBackwardCompatibility() { - properties.put(SSL_KEYSTORE_LOCATION, System.getProperty(SSL_KEYSTORE_LOCATION)); - properties.put(SSL_KEYSTORE_PASSWD, System.getProperty(SSL_KEYSTORE_PASSWD)); - properties.put(SSL_TRUSTSTORE_LOCATION, System.getProperty(SSL_TRUSTSTORE_LOCATION)); - properties.put(SSL_TRUSTSTORE_PASSWD, System.getProperty(SSL_TRUSTSTORE_PASSWD)); - properties.put(SSL_AUTHPROVIDER, System.getProperty(SSL_AUTHPROVIDER)); properties.put(JUTE_MAXBUFFER, System.getProperty(JUTE_MAXBUFFER)); properties.put(KINIT_COMMAND, System.getProperty(KINIT_COMMAND)); properties.put(JGSS_NATIVE, System.getProperty(JGSS_NATIVE)); + + ClientX509Util clientX509Util = new ClientX509Util(); + putSSLProperties(clientX509Util); + properties.put(clientX509Util.getSslAuthProviderProperty(), + System.getProperty(clientX509Util.getSslAuthProviderProperty())); + + putSSLProperties(new QuorumX509Util()); --- End diff -- Do we need this call here? This function handles backward compatibility between old way of extracting configs from system properties and the introduce of ZKConfig class (which was done after client-server SSL was added). Quorum ssl does not exist before, so there is no need to handle backward compatibility for it. If the purpose is to populate various system properties of quorum ssl then maybe find another place to make the initialization call?
--- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---