Github user ivmaykov commented on the issue: https://github.com/apache/zookeeper/pull/184 @anmolnar thanks for the hard work! Our plan is to run this on a real cluster for about a month, if everything is working well, that will be a pretty good argument for "this code is ready to be merged to master". There are 2 pieces of functionality that I would like to add: - support for PEM-encoded certs and private keys. I have this working already, just need to figure out how to stack my PR on top of your PR. - re-initialize the SSLContext when the cert file changes, without restarting the server. Our certs are not very long-lived and are refreshed by a mechanism outside of ZK, so ZK process may outlive a cert and will need to refresh it. This is not yet done, but I'm starting to work on it, will send that PR out once it's ready as well.
---