Supporting SSL on Netty client-server communication.
1. It supports keystore and trustore usage.
2. It adds an additional ZK server port which supports SSL. This would be useful for rolling upgrade.
The patch includes three files:
- testing purpose keystore and truststore under "$(ZK_REPO_HOME)/src/java/test/data/ssl". Might need to create "ssl/".
You need to set some parameters on both ZK server and client.
You need to specify a listening SSL port in "zoo.cfg":
Just like what you did with "clientPort". And then set some jvm flags:
Please change keystore and truststore parameters accordingly.
You need to set jvm flags:
change keystore and truststore parameters accordingly.
And then connect to the server's SSL port, in this case:
If you have any feedback, you are more than welcome to discuss it here!