sofastack / sofa-bolt

SOFABolt is a lightweight, easy to use and high performance remoting framework based on Netty.
https://www.sofastack.tech/projects/sofa-bolt/
Apache License 2.0

Does sofa-bolt support mutual SSL authentication? clientAuth mode is enabled, but the nodes cannot communicate #255

Closed fuzzmaker closed 3 years ago

fuzzmaker commented 3 years ago


fuzzmaker commented 3 years ago

For Netty to support mutual SSL authentication, the corresponding trusted certificate chain has to be added on each side when the SslContext is initialized.

RpcServer.class

```java
// requires: import io.netty.handler.ssl.ClientAuth;
private SslContext initSSLContext() {
    InputStream in = null;
    try {
        // Server key pair: what the server presents to connecting clients.
        KeyStore ks = KeyStore.getInstance(RpcConfigManager.server_ssl_keystore_type());
        in = new FileInputStream(RpcConfigManager.server_ssl_keystore());
        char[] passChs = RpcConfigManager.server_ssl_keystore_pass().toCharArray();
        ks.load(in, passChs);
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(RpcConfigManager
            .server_ssl_kmf_algorithm());
        kmf.init(ks, passChs);
        SslContextBuilder sslContextBuilder = SslContextBuilder.forServer(kmf);
        if (RpcConfigManager.server_ssl_need_client_auth()) {
            // Close the keystore stream before reusing the variable for the truststore.
            IoUtils.closeQuietly(in);
            // Trusted client certificates: who is allowed to connect.
            KeyStore cks = KeyStore.getInstance(RpcConfigManager.client_ssl_keystore_type());
            in = new FileInputStream(RpcConfigManager.client_ssl_keystore());
            char[] cPassChs = RpcConfigManager.client_ssl_keystore_pass().toCharArray();
            cks.load(in, cPassChs);
            TrustManagerFactory tmf = TrustManagerFactory.getInstance(RpcConfigManager.client_ssl_tmf_algorithm());
            tmf.init(cks);
            // A trust manager alone does not make the server ask for a client
            // certificate; the handshake must explicitly require one.
            sslContextBuilder.trustManager(tmf).clientAuth(ClientAuth.REQUIRE);
        }
        return sslContextBuilder.build();
    } catch (Exception e) {
        logger.error("Fail to init SSL context for server.", e);
        throw new IllegalStateException("Fail to init SSL context", e);
    } finally {
        IoUtils.closeQuietly(in);
    }
}
```

AbstractConnectionFactory.class

```java
private SslContext initSSLContext() {
    InputStream in = null;
    try {
        // Trusted server certificates: which servers the client will accept.
        KeyStore ks = KeyStore.getInstance(RpcConfigManager.client_ssl_keystore_type());
        in = new FileInputStream(RpcConfigManager.client_ssl_keystore());
        char[] passChs = RpcConfigManager.client_ssl_keystore_pass().toCharArray();
        ks.load(in, passChs);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(RpcConfigManager
            .client_ssl_tmf_algorithm());
        tmf.init(ks);
        SslContextBuilder sslContextBuilder = SslContextBuilder.forClient().trustManager(tmf);
        if (RpcConfigManager.server_ssl_need_client_auth()) {
            // Close the truststore stream before reusing the variable for the keystore.
            IoUtils.closeQuietly(in);
            // Client key pair: what the client presents when the server requires client auth.
            KeyStore sks = KeyStore.getInstance(RpcConfigManager.server_ssl_keystore_type());
            in = new FileInputStream(RpcConfigManager.server_ssl_keystore());
            char[] sPassChs = RpcConfigManager.server_ssl_keystore_pass().toCharArray();
            sks.load(in, sPassChs);
            KeyManagerFactory kmf = KeyManagerFactory.getInstance(RpcConfigManager.server_ssl_kmf_algorithm());
            kmf.init(sks, sPassChs);
            sslContextBuilder.keyManager(kmf);
        }
        return sslContextBuilder.build();
    } catch (Exception e) {
        logger.error("Fail to init SSL context for connection factory.", e);
        throw new IllegalStateException("Fail to init SSL context", e);
    } finally {
        IoUtils.closeQuietly(in);
    }
}
```
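An added example (not from the sofa-bolt code base or the issue author) of the same two-sided Netty setup, plus a check that the server context will in fact demand a client certificate: throwaway `SelfSignedCertificate` instances stand in for the keystore and truststore files read through `RpcConfigManager`, and the hostnames are made up.

```java
import io.netty.buffer.UnpooledByteBufAllocator;
import io.netty.handler.ssl.ClientAuth;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.util.SelfSignedCertificate;
import javax.net.ssl.SSLEngine;

/**
 * Builds the two SslContexts needed for mutual TLS with Netty and verifies
 * that the server side will require a client certificate. The self-signed
 * certificates are constructed here only to stand in for real keystores.
 */
public class MutualTlsContextCheck {

    /** Server: own key pair, trust the client's certificate, and REQUIRE a client cert. */
    static SslContext serverContext(SelfSignedCertificate server,
                                    SelfSignedCertificate client) throws Exception {
        return SslContextBuilder.forServer(server.certificate(), server.privateKey())
            .trustManager(client.cert())       // who may connect
            .clientAuth(ClientAuth.REQUIRE)    // trustManager() alone never requests a client cert
            .build();
    }

    /** Client: trust the server's certificate and present its own key pair. */
    static SslContext clientContext(SelfSignedCertificate server,
                                    SelfSignedCertificate client) throws Exception {
        return SslContextBuilder.forClient()
            .trustManager(server.cert())
            .keyManager(client.certificate(), client.privateKey())
            .build();
    }

    /** True only when engines created from the context will demand a peer certificate. */
    static boolean requiresClientCert(SslContext ctx) {
        SSLEngine engine = ctx.newEngine(UnpooledByteBufAllocator.DEFAULT);
        return engine.getNeedClientAuth();
    }

    public static void main(String[] args) throws Exception {
        SelfSignedCertificate server = new SelfSignedCertificate("rpc-server.example");
        SelfSignedCertificate client = new SelfSignedCertificate("rpc-client.example");
        SslContext serverCtx = serverContext(server, client);
        SslContext clientCtx = clientContext(server, client);
        System.out.println("server requires client cert: " + requiresClientCert(serverCtx));
        System.out.println("client context built: " + (clientCtx != null));
        server.delete();
        client.delete();
    }
}
```

If `requiresClientCert` returns false for the production server context, the server will complete handshakes with anonymous clients even though a trust manager was configured.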