
Simple SSLContext Provider Module

docs/development/extensions-core/simple-client-sslcontext.md


This Apache Druid module contains a simple implementation of SSLContext that is injected into the HttpClient that Druid processes use internally to communicate with each other. To learn more about Java's SSL support, please refer to this guide.

|Property|Description|Default|Required|
|--------|-----------|-------|--------|
|`druid.client.https.protocol`|SSL protocol to use.|`TLSv1.2`|no|
|`druid.client.https.trustStoreType`|The type of the key store where trusted root certificates are stored.|`java.security.KeyStore.getDefaultType()`|no|
|`druid.client.https.trustStorePath`|The file path or URL of the TLS/SSL Key store where trusted root certificates are stored.|none|yes|
|`druid.client.https.trustStoreAlgorithm`|Algorithm to be used by TrustManager to validate certificate chains|`javax.net.ssl.TrustManagerFactory.getDefaultAlgorithm()`|no|
|`druid.client.https.trustStorePassword`|The Password Provider or String password for the Trust Store.|none|yes|

The following table contains optional parameters for supporting client certificate authentication:

|Property|Description|Default|Required|
|--------|-----------|-------|--------|
|`druid.client.https.keyStorePath`|The file path or URL of the TLS/SSL Key store containing the client certificate that Druid will use when communicating with other Druid services. If this is null, the other properties in this table are ignored.|none|yes|
|`druid.client.https.keyStoreType`|The type of the key store.|none|yes|
|`druid.client.https.certAlias`|Alias of TLS client certificate in the keystore.|none|yes|
|`druid.client.https.keyStorePassword`|The Password Provider or String password for the Key Store.|none|no|
|`druid.client.https.keyManagerFactoryAlgorithm`|Algorithm to use for creating KeyManager, more details here.|`javax.net.ssl.KeyManagerFactory.getDefaultAlgorithm()`|no|
|`druid.client.https.keyManagerPassword`|The Password Provider or String password for the Key Manager.|none|no|
|`druid.client.https.validateHostnames`|Validate the hostname of the server. This should not be disabled unless you are using custom TLS certificate checks and know that standard hostname validation is not needed.|`true`|no|

This document lists all the possible values for the above-mentioned configs, among others provided by the Java implementation.
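As an added example (not part of Druid or its documentation), the Python script below audits a Druid properties file against the two tables above: it reports missing required properties, client-certificate properties that are ignored because `keyStorePath` is unset, disabled hostname validation, and plain string passwords. The deprecated-protocol list, the rule that a value starting with `{` is a Password Provider, and the sample input are assumptions of this example.

```python
# Added example: audit the druid.client.https.* settings documented above.
PREFIX = "druid.client.https."
REQUIRED = ("trustStorePath", "trustStorePassword")
# Marked "Required: yes" in the client-certificate table once keyStorePath is set.
REQUIRED_WITH_KEYSTORE = ("keyStoreType", "certAlias")
# Key/certificate properties; validateHostnames is checked on its own below.
KEYSTORE_ONLY = ("keyStoreType", "certAlias", "keyStorePassword",
                 "keyManagerFactoryAlgorithm", "keyManagerPassword")
# Assumption: this example's own policy list, not something Druid enforces.
DEPRECATED_PROTOCOLS = {"SSLv3", "TLSv1", "TLSv1.1"}
PASSWORDS = ("trustStorePassword", "keyStorePassword", "keyManagerPassword")

# Constructed sample input, not taken from a real deployment.
SAMPLE_PROPERTIES = """\
# client TLS settings
druid.client.https.protocol=TLSv1.1
druid.client.https.trustStorePath=/opt/druid/conf/truststore.jks
druid.client.https.trustStorePassword=changeit
druid.client.https.certAlias=druid-client
druid.client.https.validateHostnames=false
"""

def parse_properties(text):
    """Parse simple key=value lines; comments and blank lines are skipped."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!" or "=" not in line:
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props

def audit(props):
    """Return (severity, property, message) findings for the client TLS config."""
    tls = {k[len(PREFIX):]: v for k, v in props.items() if k.startswith(PREFIX)}
    out = [("error", n, "required property is missing")
           for n in REQUIRED if not tls.get(n)]
    if tls.get("keyStorePath"):
        out += [("error", n, "required when keyStorePath is set")
                for n in REQUIRED_WITH_KEYSTORE if not tls.get(n)]
    else:
        out += [("warn", n, "ignored because keyStorePath is not set")
                for n in sorted(tls) if n in KEYSTORE_ONLY]
    if tls.get("validateHostnames", "true").lower() == "false":
        out.append(("warn", "validateHostnames", "hostname validation is disabled"))
    if tls.get("protocol", "TLSv1.2") in DEPRECATED_PROTOCOLS:
        out.append(("warn", "protocol", "deprecated protocol version"))
    out += [("info", n, "plain string password; a Password Provider avoids this")
            for n in PASSWORDS if tls.get(n) and not tls[n].startswith("{")]
    return out
```

Run `audit(parse_properties(SAMPLE_PROPERTIES))` to see the findings for the constructed sample; the parser handles only `key=value` lines, not the full Java properties syntax.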