pnowojski commented on a change in pull request #7688: [FLINK-9816][network] add option to configure SSL engine provider for TM communication URL: https://github.com/apache/flink/pull/7688#discussion_r280773729
########## File path: flink-runtime/src/main/java/org/apache/flink/runtime/net/SSLUtils.java ########## @@ -195,6 +198,22 @@ public static SSLHandlerFactory createRestClientSSLEngineFactory(final Configura return config.getString(SecurityOptions.SSL_ALGORITHMS).split(","); } + private static SslProvider getSSLProvider(final Configuration config) { + checkNotNull(config, "config must not be null"); + String providerString = config.getString(SecurityOptions.SSL_PROVIDER); + if (providerString.equalsIgnoreCase("OPENSSL")) { + if (OpenSsl.isAvailable()) { + return OPENSSL; + } else { + return JDK; + } + } else if (providerString.equalsIgnoreCase("JDK")) { + return JDK; + } else { + throw new IllegalArgumentException("Unknown SSL provider: " + providerString); Review comment: `IllegalArgumentException` runtime exception that doesn't use our exception hierarchy? Did you mean `IllegalConfigurationException`? ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services