[ https://issues.apache.org/jira/browse/ARROW-10105?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17209248#comment-17209248 ]
David Li commented on ARROW-10105: ---------------------------------- If you would like to separate out the Java changes, those look straightforward and we can merge. For the certs - seems gRPC wants the certs themselves and not necessarily a file, can we just embed the certs into the binary (or even, embed just a single invalid cert or something?) > [FlightRPC] Add client option to disable certificate validation with TLS > ------------------------------------------------------------------------ > > Key: ARROW-10105 > URL: https://issues.apache.org/jira/browse/ARROW-10105 > Project: Apache Arrow > Issue Type: New Feature > Components: C++, FlightRPC, Java, Python > Reporter: James Duong > Assignee: James Duong > Priority: Major > Labels: pull-request-available > Fix For: 2.0.0 > > Time Spent: 1h 50m > Remaining Estimate: 0h > > Users of Flight may want to disable certificate validation if they want to > only use encryption. A use case might be that the Flight server uses a > self-signed certificate and doesn't distribute a certificate for clients to > use. > This feature would be to add an explicit option to FlightClient.Builder to > disable certificate validation. Note that this should not happen implicitly > if a client uses a TLS location, but does not set a certificate. The client > should explicitly set this option so that they are fully aware that they are > making a connection with reduced security. -- This message was sent by Atlassian Jira (v8.3.4#803005)