Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add something about rotating cert for mTLS #1971

Open
johanandren opened this issue Sep 3, 2024 · 1 comment
Open

add something about rotating cert for mTLS #1971

johanandren opened this issue Sep 3, 2024 · 1 comment
Labels
client docs

Comments

@johanandren
Copy link
Member

In the Akka HTTP docs we have https://doc.akka.io/docs/akka-http/current/server-side/server-https-support.html#rotating-certificates showing how to create a HttpsConnectionContext with cert rotation but it might not be obvious how to find and set that up. We should either link to that from the mTLS docs page or show an example here as well.
@patriknw patriknw changed the title Docs: add something about rotating cert for mTLS add something about rotating cert for mTLS Sep 3, 2024
@patriknw patriknw added the client label Sep 3, 2024
@patriknw
Copy link
Member

patriknw commented Sep 3, 2024

This isn't only about docs. Something is missing for a client with rotating certs. We have:

GrpcClientSettings
            .connectToServiceAt(host, port)
            .withSslContext(sslContext)

That sslContext instance is reading the certs when created, so it will not be refreshed for new connections.

We are missing something like:

withRefreshingSslContext(creator: () => SSLContext)

that can be used together with SSLContextFactory.refreshingSSLContextProvider.

(how to implement this is a more difficult question)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
client docs
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@patriknw @johanandren