Github user ivmaykov commented on the issue:
https://github.com/apache/zookeeper/pull/184
@anmolnar thanks for the hard work! Our plan is to run this on a real
cluster for about a month, if everything is working well, that will be a pretty
good argument for "this code is ready to be merged to master".
There are 2 pieces of functionality that I would like to add:
- support for PEM-encoded certs and private keys. I have this working
already, just need to figure out how to stack my PR on top of your PR.
- re-initialize the SSLContext when the cert file changes, without
restarting the server. Our certs are not very long-lived and are refreshed by a
mechanism outside of ZK, so ZK process may outlive a cert and will need to
refresh it. This is not yet done, but I'm starting to work on it, will send
that PR out once it's ready as well.
---
