Closed amitgurav04 closed 5 years ago
horkhe
commented
5 years ago There is no way to do that. We never needed that. But, it should be relatively easy to implement. A gRPC listener should be started with TLS config. And then client would be able to use secure channel. If you want you can suggest a PR.
amitgurav04
commented
5 years ago Thanks for giving the way to do this . I will implement this.
maxthomas
commented
5 years ago hey there, i'm very interested in working on this capability. i sketched out a little proposal, would you let me know what you think generally so we can agree on how best to structure things?
i'd propose:
grpc, that contains paths to server certificatesconfig.go codeconfig.go capable of producting grpc.ServerOpt struct (either insecure, the default, or TLS if detected in config)what are your thoughts? if it looks good i'll start implementing it like that.
horkhe
commented
5 years ago Thank you @maxthomas, your proposal seems reasonable. I would suggested to call the section tls though. And if you could make sure that both gRPC and HTTP servers use TLS if configured that would be great.
maxthomas
commented
5 years ago thanks @horkhe ! i'll start working on this and push up an MR when it's ready for your review!
maxthomas
commented
5 years ago would love feedback on #167 !
horkhe
commented
5 years ago Fixed by #167
How can I enable the HTTPS/SSL in kafka-pixy so that the request/response between client and kafka-pixy become secure.
Please suggest if any configurations are available to do the same.
Thanks in advance.