Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add tlsfirst option to pass through to NATS connection #189

Merged
merged 2 commits into from
Jul 2, 2024
Merged

Add tlsfirst option to pass through to NATS connection #189

merged 2 commits into from
Jul 2, 2024

Conversation

johnweldon
Copy link
Contributor

No description provided.

wallyqs
wallyqs approved these changes Jul 1, 2024
View reviewed changes
Copy link
Member

@wallyqs wallyqs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

Jarema
Jarema requested changes Jul 2, 2024
View reviewed changes
Copy link
Member

@Jarema Jarema left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this PR!
I would like to improve the doc a bit though.

cmd/jetstream-controller/main.go Outdated
@@ -57,6 +57,7 @@ func run() error {
cert := flag.String("tlscert", "", "NATS TLS public certificate")
key := flag.String("tlskey", "", "NATS TLS private key")
ca := flag.String("tlsca", "", "NATS TLS certificate authority chain")
tlsfirst := flag.Bool("tlsfirst", false, "If true, then NATS connections will be initiated with a TLS negotiation, rather than using a plain text / STARTTLS approach")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would not call it STARTTLS, as it has some differences. It's more of implicit TLS vs explicit TLS.

Let's maybe write something along te lines "If enabled, forces explicit TLS without waiting for Server INFO".

@Jarema Jarema mentioned this pull request Jul 2, 2024
Merged
Jarema
Jarema approved these changes Jul 2, 2024
View reviewed changes
Copy link
Member

@Jarema Jarema left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@Jarema Jarema merged commit 2dd3825 into nats-io:main Jul 2, 2024
3 checks passed
@johnweldon johnweldon deleted the tlsfirst-option branch July 2, 2024 16:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wallyqs wallyqs wallyqs approved these changes

@Jarema Jarema Jarema approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@johnweldon @wallyqs @Jarema