Skip to content

v6: Accept custom TrustStore when creating a connection #420

@bevzzz

Description

@bevzzz

Users which use custom CA need a way to have Weaviate client trust that CA. To us, it boils down to setting the user pass their own SSL context when creating a client.

Because part of our APIs use gRPC, we have 2 internal "clients" to pass this configuration to:

  1. HttpClient from httpclient5
  2. gRPC Channel from io.grpc

Both have the notion of "SSL context", but use 2 different abstractions: javax.net.ssl.SSLContext and io.netty.handler.ssl.SslContext respectively. To simplify the API we can use their common denominator -- TrustManagerFactory, from which both SSLContext and SslContext can be built.

This way we also provide users maximum flexibility in letting them configure the TrustManagerFactory and use any of the truststore file formats (.jsk / .pem).

Metadata

Metadata

Assignees

Labels

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions