July 2023
Intermediate to advanced
278 pages
5h 40m
Chinese
Content preview from Trino 权威指南:原书第2版
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
安全
|
209
作 truststore 使用。这些存储的实现或使用这些存储的工具并没有什么区别,主要的
区别在于 keystore 和 truststore 中存储的内容以及使用方式。keystore 用于证明你自
己的身份,而 truststore 则用于确认另一个身份。
对于 Trino 来说,Trino 协调器需要一个包含私钥和签名证书的 keystore。当 Trino 客
户端连接时,Trino 会将此证书作为 TLS 握手的一部分呈现给客户端。
Trino 客户端(如 CLI)使用一个 truststore,其中包含验证服务器提供的证书的真实
性所需的证书。如果 Trino 协调器证书由 CA 签发,那么 truststore 包含根证书和中
间证书。如果你不使用 CA,则 truststore 需要包含相同的 Trino TLS 证书。自签名
证书简单来说就是证书由证书中公钥对应的私钥签名。这些证书的安全性要差很多,
因为攻击者可以将自签名证书伪装成中间人攻击的一部分。在使用自签名证书时,
必须确保客户端所连接的网络和计算机的安全性。
什么是 X.509 证书?
X.509 标准定义了公钥证书的格式,比如我们要生成的 Trino 安全证书。该证书包括签
发的域名、签发的个人或组织、签发日期和到期日期、公钥和签名。证书可以由 CA 签
发,也可以自签名。更多信息可以参考官方(
https://www.itu.int/rec/T-REC-X.509
)标准。
10.3.2
创建
Java keystore ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.