全站最硬核 百万字强肝RocketMq源码 火热更新中~(八十) DLeger
作者:互联网
接下来,如果tls模式开启,则进行一些动作:
if (TlsSystemConfig.tlsMode != TlsMode.DISABLED) {
tls模式我们之前看过了,是一种安全传输协议。
看下里面具体干了什么:
try {
fileWatchService = new FileWatchService(
new String[] {
TlsSystemConfig.tlsServerCertPath,
TlsSystemConfig.tlsServerKeyPath,
TlsSystemConfig.tlsServerTrustCertPath
},
new FileWatchService.Listener() {
boolean certChanged, keyChanged = false;
@Override
public void onChanged(String path) {
if (path.equals(TlsSystemConfig.tlsServerTrustCertPath)) {
log.info("The trust certificate changed, reload the ssl context");
reloadServerSslContext();
}
if (path.equals(TlsSystemConfig.tlsServerCertPath)) {
certChanged = true;
}
if (path.equals(TlsSystemConfig.tlsServerKeyPath)) {
keyChanged = true;
}
if (certChanged && keyChanged) {
log.info("The certificate and private key changed, reload the ssl context");
certChanged = keyChanged = false;
reloadServerSslContext();
}
}
private void reloadServerSslContext() {
((NettyRemotingServer) remotingServer).loadSslContext();
((NettyRemotingServer) fastRemotingServer).loadSslContext();
}
});
} catch (Exception e) {
log.warn("FileWatchService created error, can't load the certificate dynamically");
}
可以看到是写了一个监听器,对tls相关的三个文件的修改做了监听,这个其实
和namesrv的启动异曲同工
熟悉的reload方法:
private void reloadServerSslContext() {
((NettyRemotingServer) remotingServer).loadSslContext();
((NettyRemotingServer) fastRemotingServer).loadSslContext();
}
其实就是当配置文件信息改变后
把sslContext里的配置信息重置一次
标签:全站,keyChanged,TlsSystemConfig,loadSslContext,源码,path,reloadServerSslContext,Nett 来源: https://blog.csdn.net/GBS20200720/article/details/122746983