security.ssl.internal.close-notify-flush-timeout |
-1 |
Integer |
The timeout (in ms) for flushing the `close_notify` that was triggered by closing a channel. If the `close_notify` was not flushed in the given timeout the channel will be closed forcibly. (-1 = use system default) |
security.ssl.internal.handshake-timeout |
-1 |
Integer |
The timeout (in ms) during SSL handshake. (-1 = use system default) |
security.ssl.internal.session-cache-size |
-1 |
Integer |
The size of the cache used for storing SSL session objects. According to here, you should always set this to an appropriate number to not run into a bug with stalling IO threads during garbage collection. (-1 = use system default). |
security.ssl.internal.session-timeout |
-1 |
Integer |
The timeout (in ms) for the cached SSL session objects. (-1 = use system default) |
security.ssl.provider |
"JDK" |
String |
The SSL engine provider to use for the ssl transport:JDK : default Java-based SSL engineOPENSSL : openSSL-based SSL engine using system libraries
OPENSSL is based on netty-tcnative and comes in two flavours:- dynamically linked: This will use your system's openSSL libraries (if compatible) and requires
opt/flink-shaded-netty-tcnative-dynamic-*.jar to be copied to lib/ - statically linked: Due to potential licensing issues with openSSL (see LEGAL-393), we cannot ship pre-built libraries. However, you can build the required library yourself and put it into
lib/ :
git clone https://github.com/apache/flink-shaded.git && cd flink-shaded && mvn clean package -Pinclude-netty-tcnative-static -pl flink-shaded-netty-tcnative-static
|