-
Notifications
You must be signed in to change notification settings - Fork 21
Labels
Description
Users which use custom CA need a way to have Weaviate client trust that CA. To us, it boils down to setting the user pass their own SSL context when creating a client.
Because part of our APIs use gRPC, we have 2 internal "clients" to pass this configuration to:
- HttpClient from
httpclient5
- gRPC Channel from
io.grpc
Both have the notion of "SSL context", but use 2 different abstractions: javax.net.ssl.SSLContext
and io.netty.handler.ssl.SslContext
respectively. To simplify the API we can use their common denominator -- TrustManagerFactory, from which both SSLContext and SslContext can be built.
This way we also provide users maximum flexibility in letting them configure the TrustManagerFactory and use any of the truststore file formats (.jsk / .pem).