[proxy] Proxy doesn't use the right ca certicate to connect to brokers (

apache#5971) *Motivation* Currently proxy uses the proxy ca certicate to connect to brokers. It is fine if proxy and broker are using th same CA. However if the broker is using a different CA than proxy, "HTTP 502 Bad Gateway" is returned from proxy when tlsEnabledWithBroker is set to true. *Modifications* Change to use the right CA *Verify this change* Verify it is working in a production environment.
bbejeck · Jan 3, 2020 · d98562d · d98562d
1 parent 4b57776
commit d98562d
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/pulsar-proxy/src/main/java/org/apache/pulsar/proxy/server/AdminProxyHandler.java b/pulsar-proxy/src/main/java/org/apache/pulsar/proxy/server/AdminProxyHandler.java
@@ -214,7 +214,7 @@ protected HttpClient newHttpClient() {
             if (config.isTlsEnabledWithBroker()) {
                 try {
                     X509Certificate trustCertificates[] = SecurityUtility
-                        .loadCertificatesFromPemFile(config.getTlsTrustCertsFilePath());
+                        .loadCertificatesFromPemFile(config.getBrokerClientTrustCertsFilePath());
 
                     SSLContext sslCtx;
                     AuthenticationDataProvider authData = auth.getAuthData();