Versions Compared

Old Version 1

changes.mady.by.user Joris Melchior

Saved on

compared with

New Version Current

changes.mady.by.user Joris Melchior

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Solution

Change our configuration in such a way that to add the properties SSL_TRUSTSTORETRUSTSTORES, SSL_TRUSTSTORE_PASSWORDPASSWORDS, SSL_KEYSTOREKEYSTORES, SSL_KEYSTORE_PASSWORD are renamed to show that they represent multiple valuesPASSWORDS to allow for adding multiple comma separated values where the existing singular named equivalent parameters only allow for single values.

Change our configuration code so that we can parse these parameters as comma separated values and have logic in place to use either the singular or multiple values depending on presence of one or the other.

Change our configuration code so that we can use the parsed values to load multiple files with associated passwords when loading TLS key and trust store information.

Deprecate the equivalent singular value parameters.

Changes and Additions to Public Interfaces

...

Will the regular rolling upgrade process work with these changes? No Yes

How do the proposed changes impact backwards-compatibility? Are message or file formats changing? Yes (backwards-compatibility) This change is backwards compatible.

Is there a need for a deprecation process to provide an upgrade path to users who will need to adjust their applications? No Yes eventually deprecated parameters will need to be removed

Prior Art

What would be the alternatives to the proposed solution? What would happen if we don’t solve the problem? Why should this proposal be preferred?

As an alternative we could leave the existing parameters unchanged and add the parameters that represent multiple values of the existing ones as new parameters and adjust the code to use one or the other depending on what information is provided in the configuration.

The benefit of the alternate approach is that it would be fully backwards compatible.

The downside of the alternate approach is that it would make the code more complex and that we would have to deprecate some parameters and at some point in the future remove the deprecated parameters and code that allows for the different approachesThere are no known alternatives for the proposed solution.

FAQ

Answers to questions you’ve commonly been asked after requesting comments for this proposal.

...