bbeaudreault commented on code in PR #5363: URL: https://github.com/apache/hbase/pull/5363#discussion_r1322983399
########## hbase-common/src/main/java/org/apache/hadoop/hbase/io/crypto/tls/X509Util.java: ########## @@ -83,9 +88,10 @@ public final class X509Util { public static final String TLS_CONFIG_OCSP = CONFIG_PREFIX + "ocsp"; public static final String TLS_CONFIG_REVERSE_DNS_LOOKUP_ENABLED = CONFIG_PREFIX + "host-verification.reverse-dns.enabled"; - private static final String TLS_ENABLED_PROTOCOLS = CONFIG_PREFIX + "enabledProtocols"; - private static final String TLS_CIPHER_SUITES = CONFIG_PREFIX + "ciphersuites"; + public static final String TLS_ENABLED_PROTOCOLS = CONFIG_PREFIX + "enabledProtocols"; + public static final String TLS_CIPHER_SUITES = CONFIG_PREFIX + "ciphersuites"; public static final String TLS_CERT_RELOAD = CONFIG_PREFIX + "certReload"; + public static final String TLS_USE_OPENSSL = CONFIG_PREFIX + "useOpenSsl"; Review Comment: Yea, IMO we should keep most config constants public. Even for an IA.Private class, if a user wants to pull in the config constants they should be able to. They open themselves up to risk of compatibility issues since it's still an IA.Private class, but imo when it comes to config constants it is less risky to use a constant than it is to hardcode a string that may change. Ideally we could refactor our config constant approach across the board to make them easier to integrate, but barring that I've been making consistency changes like this whenever I see them. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@hbase.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org