gRPC SSL certs hot reloading #5110

hanahmily · 2020-07-16T13:28:59Z

When using SSL to perform the AuthN between client/agent and OAP. To make things more secure, OAP should support hot reload certs.

After some investigation, I found there're some potential solutions existing in the gRPC community, for instance, grpc/grpc-java#5335.

I prefer to delegate SSLContext, anyone who has any thoughts, pls feel free to let me know, thanks.

hanahmily · 2020-08-24T01:43:30Z

I will adopt to SSLContext delegation path to implement this feature

hanahmily added TBD To be decided later, need more discussion or input. backend OAP backend related. labels Jul 16, 2020

hanahmily self-assigned this Jul 16, 2020

hanahmily removed the TBD To be decided later, need more discussion or input. label Aug 24, 2020

hanahmily mentioned this issue Aug 25, 2020

Hot reload gRPC certs of OAP. #5376

Merged

wu-sheng added this to the 8.2.0 milestone Aug 31, 2020

wu-sheng added the feature New feature label Aug 31, 2020

wu-sheng closed this as completed in #5376 Aug 31, 2020

wu-sheng mentioned this issue Sep 5, 2020

Support SSL cert files loaded dynamically #4476

Closed

Provide feedback