From 678cc937c08aef6118e435e51ce5dabd6f835dea Mon Sep 17 00:00:00 2001
From: JianBo He <heeejianbo@gmail.com>
Date: Fri, 17 Mar 2023 18:23:58 +0800
Subject: [PATCH] test(bridge): cover ssl testing for cassandra bridge

---
 .../cassandra/cassandra.yaml                  |   3 +-
 .ci/docker-compose-file/certs/client.key      |  27 ++++++++++++++++
 .ci/docker-compose-file/certs/client.pem      |  25 +++++++++++++++
 .ci/docker-compose-file/certs/server.jks      | Bin 2898 -> 2390 bytes
 .ci/docker-compose-file/certs/server.p12      | Bin 2708 -> 2708 bytes
 .ci/docker-compose-file/certs/truststore.jks  | Bin 1622 -> 1318 bytes
 .../test/emqx_ee_bridge_cassa_SUITE.erl       |  30 ++++++++++++++++--
 .../src/emqx_ee_connector_cassa.erl           |   1 -
 8 files changed, 80 insertions(+), 6 deletions(-)
 create mode 100644 .ci/docker-compose-file/certs/client.key
 create mode 100644 .ci/docker-compose-file/certs/client.pem

diff --git a/.ci/docker-compose-file/cassandra/cassandra.yaml b/.ci/docker-compose-file/cassandra/cassandra.yaml
index 1bc724b0b..51a24f7a2 100644
--- a/.ci/docker-compose-file/cassandra/cassandra.yaml
+++ b/.ci/docker-compose-file/cassandra/cassandra.yaml
@@ -1046,7 +1046,7 @@ server_encryption_options:
 client_encryption_options:
     enabled: true
     # If enabled and optional is set to true encrypted and unencrypted connections are handled.
-    optional: true
+    optional: false
     keystore: /certs/server.jks
     keystore_password: my_password
     require_client_auth: true
@@ -1055,7 +1055,6 @@ client_encryption_options:
     truststore_password: my_password
     # More advanced defaults below:
     protocol: TLS
-    algorithm: SunX509
     store_type: JKS
     cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA]
 
diff --git a/.ci/docker-compose-file/certs/client.key b/.ci/docker-compose-file/certs/client.key
new file mode 100644
index 000000000..2989d0d78
--- /dev/null
+++ b/.ci/docker-compose-file/certs/client.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAzs74tdftT7xGMGXQSoX/nnFkFAOjNtEVOI3bChzR+w6Xwo8Z
+OUiOuOjynKvsJeltdmc0L+cbHZh7j+aHuAqVYxavqaqhFneF0f03t17qju9AixoV
+JXgNT3ru56aZFa6Ov6NhfZfRirGnbNrg2RhuNeYZ4TYLH7iMR36exNFP83glXwXM
+inMd1tsHL7xHLf3KjCbkusA5ncFWcpIUtpuWVn9aAE402dN7BJWfAbkQ4Y3VToR1
+P/T+W6WBldv0i2WlNbfiuAzuapA3EzJwoyTrG2Qyz7EtXM8XZdOZ6oJmW4s7c4V/
+FBT5knNtmXTt78xBBlIPFas5BAJIeV4eADx9MwIDAQABAoIBAQCZTvcynpJuxIxn
+vmItjK5U/4wIBjZNIawQk6BoG7tR2JyJ/1jcjTw4OX/4wr450JRz7MfUJweD5hDb
+OTMtLLNXlG6+YR4vsIUEiSlvhy5srVH0jG5Wq2t6mxBVq7vaRd/OkshnuU79+Pq7
+iHqclS7GSACxYkXWyxE6wtPh5aTWP8joK/LvYFiOqKPilUnLZ4hBhmL7CRUCZ0ZA
+QGNyEhlmiAL+LNKW2RLXPBxlKX21X78ahUQmkkTM0lBK9x6hm4dD3SpLqmZyQQ9M
+UfiMbU6XOYlDva/USZzrvTDlRf9uCG9QOsZzngP1aIy8Cq3QHECOeMIPO9WQLMll
+SyY+SpyJAoGBAP4fhnbDpQC6ekd9TNoU9GE/FNNNGKLh82GDgnGcWU/oIzv8GlaR
+rkEHTb6aRoPpjTxWIjJpScs9kycC+7N3oNo9rub4s5UvllI+EgQ95+j/5fnZx6gO
+la8ousLy1hTYu9C0nTWdTV3YtfC0l0opn7Friv5QafNmhSn74DqrH0BHAoGBANBV
+/NhBDAH1PHzYA+XuNLYTLv56Q4osmoen17nPnFNWb1TtWblzb0yWp86GGDFcs8CZ
+eH0mXCRUzGMSWtOHe4CbIm2brAYXuL2t6+DZ1A22gsnW5avNrosZRS7eN7BE7DDj
+5cp9+Es9UWnArzJU7jSWwAtA6o47WHfHU/pqRB21AoGAGx6eKPqEF2nPNuXmV7e4
+xNAIluw5XtiiMpvoRdubpG1vpS0oWmi9oe73mwm30MgR7Ih8qciWuXvewmENH3/6
+yI+gpMGR2K/1aN166rz4jOMSVfGp3wN/cev00m0774mZsZI03M3mvccs031ST/XV
+Nwf1E2Ldi747I9nfeiNc+G0CgYEAslFHD1ntiyd6VGkYPQ978nPM/2dqs7OluILC
+tHmslfAfbpOQ/ph9JRK2IqDHyEhOWoWBiazxpO8n2Yx2TSNjZBpkh2h8/uIC7+cT
+Q+tuAya6H0ReZISx5sEEZC8zfx4fA2Gs53qWsN+U9W1FB1GGaWC2k2tG1+KXwD3N
+9UJLdxkCgYBB96dsfT7nXmy0JLUz0rQ4umBje6H5uvuaevWdVMEptHB+O7+6CAse
+OVwqlFLQ4QC7s4/P9FQwfr/0uMRInB1aC043Haa1LbiRcRIlSuBDUezK5xidUbz+
+uB/ABkwwEuqW3Ns1+QieJyyfoNYKZ2v0RtYxBuieKOpUCm3oNFZRWg==
+-----END RSA PRIVATE KEY-----
diff --git a/.ci/docker-compose-file/certs/client.pem b/.ci/docker-compose-file/certs/client.pem
new file mode 100644
index 000000000..454ca4797
--- /dev/null
+++ b/.ci/docker-compose-file/certs/client.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEMjCCAhoCFCOrAvLNRztbFFcN0zrCQXoj73cHMA0GCSqGSIb3DQEBCwUAMDQx
+EjAQBgNVBAoMCUVNUVggVGVzdDEeMBwGA1UEAwwVQ2VydGlmaWNhdGUgQXV0aG9y
+aXR5MB4XDTIzMDMxNzA5MzgzMVoXDTMzMDMxNDA5MzgzMVowdzELMAkGA1UEBhMC
+U0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMRIwEAYD
+VQQKDAlNeU9yZ05hbWUxGDAWBgNVBAsMD015U2VydmljZUNsaWVudDESMBAGA1UE
+AwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzs74
+tdftT7xGMGXQSoX/nnFkFAOjNtEVOI3bChzR+w6Xwo8ZOUiOuOjynKvsJeltdmc0
+L+cbHZh7j+aHuAqVYxavqaqhFneF0f03t17qju9AixoVJXgNT3ru56aZFa6Ov6Nh
+fZfRirGnbNrg2RhuNeYZ4TYLH7iMR36exNFP83glXwXMinMd1tsHL7xHLf3KjCbk
+usA5ncFWcpIUtpuWVn9aAE402dN7BJWfAbkQ4Y3VToR1P/T+W6WBldv0i2WlNbfi
+uAzuapA3EzJwoyTrG2Qyz7EtXM8XZdOZ6oJmW4s7c4V/FBT5knNtmXTt78xBBlIP
+Fas5BAJIeV4eADx9MwIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQBHgfJgMjTgWZXG
+eyzIVxaqzWTLxrT7zPy09Mw4qsAl1TfWg9/r8nuskq4bjBQuKm0k9H0HQXz//eFC
+Qn85qTHyAmZok6c4ljO2P+kTIl3nkKk5zudmeCTy3W9YBdyWvDXQ/GhbywIfO+1Y
+fYA82I5rXVg4c9fUVTNczUFyDNcZzoJoqCS8jwFDtNR0N/fptJN14j8pnYvNV+4c
+hZ+pcnhSoz7dD8WjyYCc/QCajJdTyb15i072HxuGmhwltjnwIE/2xfeXCCeUTzsJ
+8h4/ABRu9VEqjqDQHepXIflYuVhU38SL0f4ly7neMXmytAbXwGLVM+ME81HG60Bw
+8hkfSwKBbEkhUmD6+V1bdUz14I6HjWJt/INtFU+O+MYZbIFt4ep9GKLV3nk97CyL
+fwDv5b4WXdC68iWMZqSrADAXr+VG3DgHqpNItj0XmhY6ihmt5tA3Z6IZJj45TShA
+vRqTCx3Hf6EO3zf4KCrzaPSSSfVLnGKftA/6oz3bl8EK2e2M44lOspRk4l9k+iBR
+sfHPmpiWY0hIiFtd3LD/uGDSBcGkKjU/fLvJZXJpVXwmT9pmK9LzkAPOK1rr97e9
+esHqwe1bo3z7IdeREZ0wdxqGL3BNpm4f1NaIzV/stX+vScau0AyFYXzumjeBIpKa
+Gt0A+dZnUfWG6qn5NiRENXxFQSppaA==
+-----END CERTIFICATE-----
diff --git a/.ci/docker-compose-file/certs/server.jks b/.ci/docker-compose-file/certs/server.jks
index a0795527824f297a64cf8e24e91d12e15e99ae9f..06c2fe1847400333440b265830e73b39ae041008 100644
GIT binary patch
literal 2390
zcmZvcc{J3G8pmfdF}AEDp|M1k_>Cnd+0vBk%UCnQ*!RYgC1hU;*~>O031eT!*0mE!
zh(;(|_3|Q1gqZ7n?>*<ff80Nw^PK1V$M<~C_c`ZtvVO7-0)Zf>1O9s$364ZRS0`73
zouA{W7Q3-Pz=J?^5FiqE0<gdll5j8#ECFEygXuu9NZ4xPfokz%&Sclnrq@0-^djM0
zg5t-|xA{lQieS>m(a-C2{FpZ)L9g33_-q1wEg$+Y3KUbdAJ$A8d+)a)@9iAUM%I$@
zb(4Yt;ZEbyz~oJX5!b;lG76KjQQFg<)qUj+<G#n06N#PlTl6%0$Bkp{0jjNPTN%5V
zRde%~Z_$!5l?}2$2iN)GLZFM49GMsx5SP6@^3*lLjD)0ovhwxm?>K*B!W=U?jBCbv
z#a+-1-DAn>e>CVtIx}CPU#-~1ba&&?j0;NTNI6Z}axyZp;f8oTR4xtq-GwC_J7%!E
zM4Z9h`GvL#^Vj5h*x4>Z5_jtPakCq<q|``I6*w%vQWa4VW+UVnv*<*vuT*<qsb?{W
zVP$GzGNH)eXotfKFfDjveRcA^SUUSKY=l&LuVmCKp5~DNnRu;%Cp70ZDcc-3KA}Lr
zx+-1KKF5J&Y|w51mkQP4GUHJ6&kL#2rn`FDhU?CCYhN-7WU{tyi-8YDjhyse9^2s+
z3ZFyU3R}7O6&;MNr=V>Ki|30?L_Xe6P6&t3C>rafW#Bc>a}KoUfmyhJFvS$8tHsS{
zO2}bl8@|@Jytiay8~&j~4ivxlh_r_aKkVpa_!jJ(YV?*_kcPhB=2?vBH`?#CG|$SI
zb7?)0&ZTeK?sUiwa?aF!_XT|e%DugJd)$<{?x$?Jgf=QCMp25DU0}sM-`#&mPI=Sk
zdk+5Sf<gdqa-PjhNVe#SHhI5ENclG!(pbb9!$4zAcu*5>aFGGw)mJBZtKY1YBPi!a
z#h%8h^Znnx;mMQlvRaJ-R?>()SspDMqpj9&$<IFOdC4ogBjR;BPOz7(LvlWJ#k@@V
z@Z{}OuX6q5L0w;N#BYgdmtN#=mEc)et{UCBklb^58B^<T%DmM#ID<qXYrb?}$cSg>
zLU*pb<?9Km$IzRQ$V%r#zxI-8g~>Aps#mYnDZN<5dWSElmgD|a%UO7NBypgFnFLC;
z!y=ZY=Mz=)pOU_nJuQR%NZY2w)(~5%CEmCL{LvWhNL~{eQ`D=T)%aC~TUaFiowj>&
z<5_jGv#C?34Kvf>5lHBIRcdd0S%z0aPT*vsSlgL5)0&yb4s$UfKIHM?s0;-B7AWev
z#w+1mWT`-|*AZFq`7QvTMS?=cS`IAkg1OyNDklX9WzSGs1j9zLi?6!n8*(b{FH;?U
z`a;DnbQ`jJR5Uy=mPi|npZIzhK%VKp8lSmyY1lorDE4QXMbqx(TGA4w>v6<AskG|X
z?6TKpHLpo+^9j=Nqu1>!ENc^7yHO`NfZ;(0*`B&0yRVE!7ER*avo9XteJq9k0PIja
zGI$Q&Ow6k)-m!e%eI@?I51O1cCc!MBm*I)c{(=YA819WC^X&>xBT5^>VJNy|{X6@t
zlzo?(B4sHxt_pb3ijqHG=Ri+Old`&5gl6XY=KQU<i`q3Y+dfLz^k<WgcQf_QgdRqG
zL^?hXyyd1p&iJ8aXbFcgu=hB=KD#RG$doE-&tQ}4k)r&#gu7&mFQ`-AhDtPxv?p)I
z7|~nKC)cL!R);jybZ<@sV7!=%+1E47*vv(%T5CD`w4+3_sq>%dKUUT9))<;AS?GtT
zYVn5zy!T$j>}1oXXZj$)HsemTLY{81Wl9$+MYMESNN{0Qu1qp9LOERQZ#>djNGkvs
z5C}$p3PczX3I4MX3IRhP44@Z-2)9OQmOOwN&L9!16}!(21~bxu0C_Y!a25_Vg&~+2
zuzE%oD4e6OA6fw5`%8l|acTaKw<ryNKNoMJt6vZxfMk|Mqh;j)KuP{|TOpa{F@OSE
z@xLb^`F~xx0FM8-GTEIvd0qB(BnCJVPg4s0Gu0`%p^;!#(5a4qM1sMfe1`iYCo1h>
zgUy|MP6CgcjC5%@MGnz#R{kb#y36NOSF^sF*M2r2+V#8XBPXaCnW*ppH^!?jv+fHz
z$L$WwDxOVG=o6PLUIx;i@KLJINV$d4$fAZpc3sne1H{Kn-(}6pYtgU3tyWnx%VaD*
zP~X7H^1~28fw+fmgfT`vG*;`QJ!jKk<BlNdW{kyhAbC}HnRU+OR_41@|H*m~nu&$0
z^OFgzeZ$en6qh#vQwwf-X`uwdrV6~qTiT!m{Ulx3*(gunv;6Z5)*|7!`&l=IlZvFt
zxif?0@KHcJ+6KAk1-EQ_Gd!MTA=B_sH<b<csoE#UFuSo}MLib+1%trFLI4V2JgtwP
z6$XPs=n4TgID>7h7C83TbujoZ39kOn7EgZ*jf8+fO!-!inZ_F^2*iiF<&6B>>o(Wv
z+ot5=Q$)pG+a+_wx2-D89xXN+d7Zy&F=yUh?WUE`s?omqtmw@NMN87DHWsh9wSO3v
zBQh)CrMt(NGD--(Sodr#FCO&SwfISK<w&14Z>=B$acGmm_<AIG`tZ`IVn$uT0}N-x
z07&a)i^TbNJ1IlHgT0rI^EA`0Es3TME!wgW{qV_2ZPule>}x&KZY$ZB=%PaxN(}Nv
zf<L1%Tiv01uR$1bHGP{uqKnmaC@K3<x3IXWg$r9ey|e`DUjx&%p(}U6VRv!RL5zP8
zt{f;Js9FBfqJN+#Ez_Ax9o-u`Z16jovv_LMQWDd%g16vEFijxedDT}xp)@Zm%)>E<
zlUu4UC-EO8t&u!CKk*8gUD%3l3Ug)JTjXzRO<73XA5K@Sf2BLBvt#**IA74NdstJM
zzG6<fnG|p79J_f=<MV=+q?K=WdfbaTle20)mu5Yu%Ipf{`*qa(s6X_vk0uxtU2kud
zR%!~1EbWr*26jwi(EC>@!^}(QY}~!cD@#_!`L|v+$}X}jmMARW40jn^S+*^Pqr*+8
zB?9dJqb47V*Klh*tR)Vb9v;R~$F~@7cESmsCK76R3E4WK#Ep}}fvRx_t*>L5gDhRr
xJ;bS4qN+f>I?;eIePX*R8YNVEPl*GspZ_q%11cYS1d|b=9o!i%6XZwn{2K{6N9_Or

literal 2898
zcma);XE+;d`^FPuZ$ULAu}iI>8dU9BMJYAfnnkRZwrUrlqN2o(S$oqKCHCH1Rcr5u
zP&I2jG+zJX{~mpg_tX1+IFI|f&+9s`5BG=PaU;-l24p~T1e*4QlID82PWUkckP4WE
zrX_;Vv}>345&}&@_>UGvF$hhOe`#l5Dua^l-zj=pAXyfgLgms_L^%FQP%t1Y5OV)q
z=@FtJHo#R;-P?H2on3QZuq&3VzYFs_hK%eQGZ~NvK~G8j{~O6@C;$j3C5=tE4$y%d
z1iTJn{-z%9)7=$<#6&6rgDm~FKxokDY+-oHdb20jD9%%}Ze%S_z(yt#OJZbC<u{iQ
zg5BDQ4lZtqq<P{P%ve0fLvmY~Mx<_QnP_wtF+FHaGR;1u3tCYJ-@Gl7yD2rsJ1T$O
znaF0#`)<4L1(`CVRtYP@0MkWX?vXcD7;u336zoiWrjBd)z35pXW@Y&VThjp9SWgrv
zlCF<gI=QhwDC|;Lf)Tdn1I6*%LWp4<_tNuXu;ITC2qaf~l@;<GA$^>=8MWK#-irQD
zX|!`@ZlEFMMy$oU_58F>X1L$rrj6Y2HC#9bF26Z4No&I<ZUECH<_GKx8aSAYT6e>I
zQCvj#hm|u?fFTw7lp5M8Nm3ph;+dApv(lZnU*)Utc9B~&D$XiRs0f7ri*hw)myfW|
zEutO9g(ujgeUymxTbN>>vC!KF2S(&d;w5?aVCs)%;Ikjg0w5!(U9-D{)jkeY)9nJ!
z=x(7t@x-gCWPW<KKCixxzSweluM?N0tj2xk)Ut5y*;!gk2K()gdJ|pmMB7rrwM87W
zUJpWCG-{T+dk5R<ELj=5j>t-m#S3Zb$Tdbz{EUplM9!DIBA&=w-)u>4<4_15<#=>U
z**7f6*~`ZAr%!`_vVG=DC?0+fnh^u+(sIE`cugnq%*^A$QeAHa0&!fA!EOmv)jn;6
zjQ73vXmRG(jPs;#8I&?v6QBK}@~5p&Sf96MY7n}S9%EZI4DJJF)=d3z>7oaH9^5`(
zT>Fn$#!z!^sGPYk#y)GW1B<Y?jGo^w5ZIJeJJ$I5Mi}Z?m|dW3GUeNej@;a;@|R`#
zg!PUyVGL3;)K1j80CK<WJ`b$nVigYU|3v_^>sL$g1PZKc_ucHgVBm^6NEm6cn$Gf-
z=(f7b^=ABs_Ngc0q%leKj$}^5lK;S63VZq+QTc~nogE*3Q45w;D|(r#`i=`Hz0KLn
zc+OvhWx~A^iFvjGj(bvNs|B;P#}{~HxJoB6*weAwpTV^smD#?0Q@U$siKfLQc2XC(
zeX+e?Hmp2T@^n-66C^26cI3wFSZGRTNnD0lWi9If9e!#_$MlAgRK20)ZRFXQo?|3m
zBzqE`;Kb#=ipvVxRMxmMu3(b2zpuy1Jv%3Ngj{@jN5DmxT#Yo~vay@;d5h9Shdx!*
zYBc`?f6nn@uoN>m%*{;*%PHFgc#G7(J6-oZ-eki=CyNK6+az6*=)o)<sykYEUMjmc
zn}*Y^SmY9w;BflcU-jg`Z5<RYeUk?E$hp(#O41b+)1A(!DX5!c#1!e<_WH$WJ0lp@
z=CBrQ770za(L#+>e#{=Ow>ym$1cEnCbg)}ky#$3`MHLLcSz@-y`y!KM6TEPp<t@jS
z+Tb&&h3=b8z21Yugw_zTBCrF>tBNOf&O`M{g95S}Qb>>t@ma-Kd&OdN&%-aye-6ym
z>B&%T?<QAr&>fg3LzZz9gU!76;v<p(xx&WvMhiXzGo!!H{8K+ew9JK|H8auoBifBf
zg1Y0!eXvr4W!<Ugv(!#`fMnvZLwKI!=tGNfquTIgt-w%4{jpEZS~|HIP*c@4@x-*u
zV%%eAch26jnV8-J)Gvqm-v$Z^cnRaG4`5>zJGvTFYsI8m-?pbfsiODFxVWS)a8do8
z13uzMK1S*eLhuhRY1pJVVH^N^fCJz;;3dEr;CLx}fbC`NfZ+XSj9rQi#A@Q~?!Y5;
z6Dg07LEex>BIR#fviP4ND#}YdvtC+^WI({>LG>q21^jQo)-bAld&Dn!K4D$wHF0sq
ze(zPT`~L!LRMR0td6RYl4)AQ^jxRAG7!AVJ4;2RM#_t5&!cv4v97KtmtGcw&>=rx0
z1`E?dr~;y=gfp2B+JQk1Dr)$gcdYmD(-r*cQ$0@fF7^%$CR)i?m!M)q-ZCX2Bb+UZ
zk7<RUmkrHk#NSV8nME)j#a7?4oMH}yXCuHH3zh7SyQ!?g_Hu{c;Q@79a0-jpYLyqD
z+E%A|z$x==G^}YYi-ww35U~81R*O8G*Fl?JgYe!zk$ZmP=Y-RwU)qm+-gNTav^~17
zo-AnIZP(t?$?`srL&~(Cc0rjr-R=229@eLH1-UHSua$mP7v<x>v2r3}D_blJh2qMZ
z4}4X;skGj#s*R;%ho^-0hHkw$uv<SC(DaTzFWUucmykBCa^sAu;ks6BBQ!q5r{Lv*
zEg;x`_T}t5LtL^G!psgc*+0*Dw*SiR;$2B%2@}#*uQVC#$e`qBDoAR4rjHZY@r@0;
z@&GN}7sN~G`BmMnz%kRCsxU2w42#N(3u}(Z@zPv+OhCUBVd?5f4)H9&u3UG&t?doh
zI9Doa6=G`q6*?}<V#j<1z@E+^3Ct>nH|meEOpwg!2Rs6gl2l%;d=_ax9avxwaw{_2
zr3NvU2}h&9E}L0Ojnnz`<sV7?emPX~rHNP#TSzZRAL63TZdvk|r!**XR*xNuk;LD1
zr^f#(U)xpf{-Al6C0>nqb{`r8QN&cU+FbSVXdP~k_&iUc3G7MqC%zyZT>s|H_Vlke
zQ1i_4pi!2V{3`H%GMs!vvtzimtJK1Qf8*Gg-Dr{QD6seIuw&H<#y7sEQleaDKQmia
zO;IXUs)FhOn&1>Lpe`p9+jFF>#P`Od5nai;L6A0`cY*%CZwEaI8g7uE%CCNrUgc|5
zDz3+S9}7?6jWzUC(tjvWM@)|$YzlsU^95>^e@DcKe9_>@xh8L6aiKpFEA8A&KKj1O
zYQI7yr{jc^sf{k6gCq3s_L$z<*T%$|hw_ihgFPtr*sf&4u-wQpa8!Eh#}!vp2e*fa
z<ygIs#@NW*A?15jzD|g_3Z20=#lhNS1;p&Sl-8!^wPUjK)NxnYT6+}rBGMAcXVXgN
zR=iG!;591@A^BHUYEM!u^eUNoZ|+zzpPJg9h`~a(T@!hvdU$s4K;Yr|!mv4QThLcm
zH=0kjMVm?V!Ntp0KLkJ6aD3m9Iyh6+UE`dX#ZH&^w?XL5$ERBAtBzKX9jnPzWn&Wk
z37ipz@2i22e0qSC7P`^v+t@tP^tHLTk$bp%xmo3!=!wdRY!eNKpUOkkln}Hx=ibga
zRouem!ws)$=ityBW4qPPi(i`bQRYq?{c;qNLxi5F@5<`|Eh#ykWjbAQ@LcvGQc0Zo
z!LtG7HTLt=D@pNlfI5_=@^bItDrVVEI!>$_B4)p)lV_xBp^3HR73Yg?ITlV{Ual}M
zpek~BTPtTzHTPpJX!Z4{mrq(Io7z_E+pOcdL1Y+0!5V~QV4^s-F#W0xY8Y6aoe%Y=
zd`N64`S~Ctfu$d-SO4WujOoSq#W8tsS|<VkDzE8(6_=x=z5qwLSUgzqiDu<fuR`b}
zq!0{${+VPz3IK>l6?04^Ui?)7v}qLA`VQ_mQRqKafb`gfa+(_6U&2s>*gC!>p#F|G
V^fZ<UJWG~4lMNeHn)^Q_{tL1DM`Zv2

diff --git a/.ci/docker-compose-file/certs/server.p12 b/.ci/docker-compose-file/certs/server.p12
index d3a064d5f352ec90fded2e6395637270590d0568..a23d5808411cb54a288bb10811d7bc5437ca0e66 100644
GIT binary patch
delta 2485
zcmV;m2}<^q6_gc_U4JvOw0W`B526AB2mpYB1c=g-0_hjdnpoLLmWIvDC4gKGtSlDu
zSw_X5;Lfx~Ingl*)-(O}rUx`hbeR|Af3rfOQlz5~`de6Q1=3^VFq@^s#cWylY0(K!
zfN+|_vco;9RR23OCA8<mBbd1TL-Nwb<P15nCQ5rzR{C~`r+*-0G@Ms``0}w9(kOnS
z!%5$?>ddr>e2uP3V&h594cIH;(?#+74W#4c!XZAh-TU9Ek1z~fb19AJjK28A8g>%8
zCmCnQlNNQ#Fhm&OP+%Qs^L2Nwu1Vf{+re%9>qz3Ki0e3icsX{8kWPZqEw9o0BR}Zg
z7ax}d;iDp|m49Zp?7;}gCb;hX&vAi43g3+M*`5q#6@S2;n<}&Bq!qhEWz`+2^!kcO
z3|6rw_8&=gXvAplPR+sDTxW%lyB!=x1`GnaqL%&Pa~V3!nA|+uzP;0NyCmag@~3`Q
z-Ds2R;F$4cvn1nPYTqMb9|hK(>}*BWE&9NX+KKi)CVyck$_X-#NfXAIRYUa@W{Ad;
zYCtyG>O-;&$WO%2gFS+Y4Y|-<ci3{-=*c^1+0DYvk+8+~@FUtHkTkm_bjH3Psplp{
zJ5l@bTxCX;Hv;48*c+csK>XtA2)zz%MY-U&UTI?;Q-~Hif0b@dyy0o3Z3ZQv@U4=S
zslZZ@`G1oLi7ab>uOTg$SxQjoCj@!PKhJeo-OP__j|JhF!>w|%9h|pt<*mufa5!t%
zlWhu6Z<PYL&Gi}unsm702w26{9Hc2HhQUCSVmspd7c;59Q;U81$N_%iW@xat<K}#8
zWox!huDC_~i*;6M9X8gy2gZMrF_Oj@+!iWww11)mKs)ldlVw1HMS8u~hCbSTUxSQL
zF%A~7K)CHy!$<c$LPK9dR#mB&NrzW8^E@@csFgdScJEgX!FsvT*O1eL=YVX3R5(O|
z$>8q9uInn1qyTRs>9o%^pXY?FEbNg8y;&$uzvGFFnS!+h<pVvF*DZ&Mr|J7@0)k4S
zgMZ3GE4dz4CecT>il%|WyxA^e?N-kLNn65LtQPN;TDtW3Ud);NXjVW;cbnTpQvzuT
zkE$%@nbr(rD&egUa|dXoz=@Qc>M*|mZHpL`>9h==$=n>tI|SD_*fo`ngDL^EtTz}}
zS?U9@dE4p3<&7L9<62rzZp#%Xo67Hoo`2`K*3enDwt%qs`{!r0adM<_a&wuX;umle
zVFl<+Z|%(c{eFAPDg1Wkgrx=yfw<qx?$)RYMwfU+idXA3y^K01We<_3#p-@-^DRqx
z^c}}TXp{C-H(zGDA<d&`&LSroVFf0OHOq`z8!;qjOUa_%;HKl_2#beHMFIY1wtotP
z=v<(jE?)<PNFNibc6N8=wz<VHrKruPNO@CMi2$%nocPj+U%QjP*O7m!!DIANiW-X;
zl*zxSQBhn^=drNQ@14(2V5s^He`l_fBDF+eBer9rS@KHtlgSoKfEXy&D9?<ttUX9t
z8}~nin~$>f@^-DqVq5-*lp-T{XCcx(V8Tu1z{UO`cCIvTM|x9$5>WehkJq$lY;&>r
z6BI0y^#n$L@q^wp%9<dj0s;sC1cC&}d(D)eEam7P<tPTgZbG*QCIq2fMX^3*Pv;nm
zLX@yec91${^0|id0Yh8Y;WUR0hZ;g>Yrqy8S<#A>`2rq9LTeM~Pa4&Fd<{l5BDj|c
zQXiDl5xdgyMiqfS8LoHkZ8T^=v6jF{d-^&en&csW*{9dOll9(XceCPLBE$B`uhG+V
zs7!91?VaIED_Zvs2~X(ePj#re<)bM4^dN%O9pvPHI>%S;SAo&kx*4=3d3T<xTXUvd
zn>%C{W*-OH@3GGU@`k+g=KmL&C@?GMkWpmNZUqp99IrMDm7`|EQ)oOrVo=U!($7Qx
z?AvO8$sJLwE`uBJa#k0f>pHs0$R8fL2Dm69`e&hUkfXkcHw9O{jMaaQIgD7#FIbl<
zxuY>*iMCI7)d=3Ya<O|?JR^P=_R~p+Yx`|HYx1Aq>85YqT>v`X<PP;0cI5nU$p1pl
z`PXJXQSxSJEU!Dv%B%io-YR3N2H<~vO-7`DX3(=$W{Um$<`(=M<WObygKERc38Nnx
zOVMD%wft<-qh?Cbcu)B<^d9yNb11WRUg<srLQiq+;AFAC8T~U(b852J63fcbT#5Wl
zx}x?ZL$!3a+}DXFZFQ^vzKl;<r>F63{<4vule%ntS}u>YSS!FAxThJ7I_M-E+{TE1
zM`et>uw!+F2Bs%STKj9gA^CT&I)E-wfwF%d3|~Xu*_K5QO;G|jzDzu>t>aZNUNVE~
z@&@5W)0Zfb3C-HI#CCX}<<97khts-pvmWY+Zy&@XJci*O>m+%L%)zS&<lT>g(=<Ot
zR#4j`iO34|U!n#c*@rqjT9zqBI=AM3d3JwR92%9EBM2E7b>?7V%!)>m9J^sXH_uFN
zMjD^OD~Jy4^whBzyZfV7gLCRx<zIeRexM3>r&-Z+P2RR>QJC`7rH9UAGb$^k3{EZK
zB{N0UKk}JC>CZHs%9`=ctf0I%3Q1z8Di{Hq`>^6SmNJC{U=c#&!)U*WGO%lZn=N~n
zQkt2q3bEaGg~WB4ot_XModYr7j`W$HZB<sm`k|9G55%~GxV7xiXk@R)&f4_*vOS8P
z5#!N6K3gUnyrPF78PS{-x@K0X7Ab+VEIOkQOrz4bgr$wzZPVbK3*KqhK<T?jEt2^U
ze{|thkqJzPQ8<ZH1<&c2cdSf*>2x25+MDz*biiFFwvp7*0Dlfd1qe8)Sw#pS1tp&E
z7-<Z`U+%&}6jn>U_9x!_u&YMb0xCXai|=CyqVM`YP`L-jAtFox31$tFwSTHFOWr+f
z?F`^2^C+DEcE&8haItXXaR4dB@Z31vhZ;<5mrEue)#p}<CfZy~eTFrE&P=~YQ<;k3
z$PCx}5;rL$=?wssQlJ&#$p!cIT`WOT&*;<5#<YL>KV!Co5_(NqMa8&JoAo(-2Bxl#
zBDxRdDa#{2{o=zgK3N+AxOL2{0A*10-SETak=Bb%SCF+*OydMLA51NrBKREby)bce
z^BEA>`Qh70BE2o(G`zZD2W>z?x#`WnOv(v8N-;q+smkYvJuz8meCr_VosFN`uzo*Q
z2dd~t@_YmTR2eI{Hmht*D&pI}GSm|FAS&2`7dRI^)M#<d9f@YGnu(XYtv?Ma&1N@?
zakKq+PxHiRZIcrUUm`?#2Z4Kh_&V7trdEg)GuN9GkvjwkW1$5@<>kI50s;sCb1UJ~

delta 2485
zcmV;m2}<^q6_gc_U4LwbJu>@IdQSoZ2mpYB1c=2iGXYBtNQHa&#QHVVVV?BXCAP&A
zO2TOXBF$$Q2f+-F5{P@E$mg`DSJ2$QOv-V)tr-pLo4kQMBRZEE?`eXyH&pk{;vf{7
z`F=QfGP*sS=doKL$LhN(ahURxtM;f1`o6b`;J9*iO;gk#e1C&YRUfs|Gv0NZC$#$7
zk^UHHuW&-m;J7w|O>5;a(4AP88>L*6)CKChq18p!;#K^NfzXjwxPbyBTi~5HzV1}s
z>A?beWzp;^(vnXWD;0As8%xHLIKu^z`&MY63FgV_$>0!p+?U^I;<9|gGu3v=L;=wB
zhf=s9h3QNdAb)fPX~HsQv3?aBTwGZw)<uIYNnW6+X39lwcL*$pX$b_#CX=2IKcydi
z$<#d`Ej@K9N1ziT@O)5;R(1@(w1{2n#R2lYnVoTeV_PG@QCA+?p-&#mqBL4rAzIeG
z3VXAILZ%ef+c>8lh0*!+;^%POEy&|+PzfU=iDRO;i+>nFKh3Rvm3OaoPe{m<X#(@1
z<Q!M$(tbUr@}8~h;phM(Tyc_*bCwZOa5$BZq-Ei&&5Paeho^C=mnVI7bHeR(mS@xY
zBBBuwQ4qb>@U%QZ$5%D<Jl|+kAXm5HJIbg~Bj6EG*~ThIooBC)UT?tPQgU}|H~KSO
zjja?^et%X2-|Gc8EkQnMg&{9!jT9<#4S)<U^Xass$u^)pnI%VeF8w7FtFc{58(gIt
zMFxe)%npLm_>FX-;_T5%Z;_QaFtp;tC35B%JFW_SNXUnaD>U%)JdONm`5YO8Xh0N}
z-I|MM%-R_Z;`pE}RgH<tVs`H=hMDHtAuiv`;(riJB3CamF6s-Gp%#fFB;h}SV-9AO
zP1Z4o#?;DL#!PN5y_-nAV0HB6`)=?R+Oqw4((IBhtwN>`X}cQh%R~>Qk^2{AvaE_G
z|LABq6GGbYUHCypTG{oH3(t5f2D}_+zP;9Iqhn)E-zL<h_25;Hoq4pNGqljb8LE_<
zWq*>F!?w?;TrgA5Eg$M29|Luq@X+~{(K-X^mtu;BBtm+`+p0M016WJgg+SLnn#M+t
z!v__JBWRh7P|dNI+2#IM(s%D{norijlkd36s$!O`@9A0R?HH7>Si9%KGH~NCZc(=m
zI!iKu7ovB)?ta`@bgg{mXqyn5r2hRPZhzM8GX-j@w?p#XCF1+|0d@>X0;oqSoT69b
zo2%9Djg&UfCqW-3){`j^URk$&)bN`qpTYrE6Gv%8-UAW^I%sB#xK_zgg6W%FQ>Ses
zRa)F|3l^fG1kz@H{R+D2*WJE?^@>BdT$C?lYI7D!g+=m=m?`2C$&!7L7y65s`hUEP
z!Kq){ndQ5GdU;oYWEN&nB0oADnrLY@N%<s*bV~o*AZ~uuEbh6Sl|e?r)W!t-0vnk|
z^rB=&;T;LPI4|`N2EGBX*hdn0AaUCtu2w&;E7`$CFzT(}aO$Y4OVRe5@H2C`nB~s#
z27Rhx!9GeFnT3)^COhq>lPv*#RUw<e_h?o^mcA@$hMhu3_Wk16r4<0@?W%IDMoE)5
zB!Ux@^#n$LYWW8JDZ}RH0s;sC1cC&}IwF|cbOz8+*pr9v@ced6{1u=n5MP3e%bW6B
zks#|^-0JH>rYxk4a(?@(t5soJ4z$By<x+8I_<cF1F*am(!1alix_d(IGQ7YLlZPl9
zbK<hxu!Wy5>$C9eiY6!>(D;QEL3unGDLkWE3?)W??PP~J^RrQ#m-xKO4Yn;C=U%!l
zCB^YAVrakZr=7yIuJJ&wP?>?{5%gu&3MxAolKnd+i&D|8lfkwbcGhrFx~@5M!gi26
zbhE}IG)|9$0b>Co><zPJdG>(=V)r0Yk;#k1?$iZIsMG?;&ILmc%L-FWfxVGFBN9x9
z1}24n8{Pd-mjvXEG+Wa+5aeu<=ss<d=<W;Jf?8wi60L2aS_O_`vN*kcv(awFJi4WL
zXBt#B=L{VMx=Np(G_s!Bi{-zs4-b>hU>~AzjUy1?CdcZ)2c;Y1l))(77hi8$At|d-
zJPD8Or_=jeA21UP%XIBlUm2A95l-j628d06edA$fI?F?)<s$ODO3PPvg!#Uwf|lU&
z`sRG7922p1>}ZctCWn7XQj~YEPtt?r4Y8a#vbjh2NJmHp{?4=#Xy^8lCJ7n=Fn;um
z8GAz!89&QVNcAWo!Lol7b80~coqV{ySO(=Fp%o3#&}(=)^U*t#Spd*YcNKCo-_zrN
zpH3Lt{y(JzH@j+{O5fv<eCVFV`BH0e!}KyGX;qRutBP0JPz7ENcfvwLWMQa)3Yn{4
zR?u%ZHLy71SGXLH<l7uN+f6$@zhIFJ?9_H4uD;2+sj_CT_?QCJVuEqhnr#C^ZfhEK
z8m)96uxRU2s=JwT*KX5qETaR@B+_SpX{nl>mp@SG8lPruS9MS(;SKXE4#%75SI<op
zUAyrADwPVnXOJ7{2YMA}1Y1nQ%^=oMB8d2hz?pHrV*Mh?qE9yS*Vsia4J^v8i6Mx)
zdlc}9gT%xC^}L-4Z~_1wYoOh00xJ}5OOft|%6W+0u`oVjzDHTP30#2En)<?j71$7|
zYTGb|^$38i;!Kl7c*vPFKWEv~eCm9mp;mhE5YT^B0Zhmkcfh9%HSWD^=cHy039o=?
znG-HGIbmAG2aQoUJD$wF)Gac3jY=PQu5MP((4l{Tj-5*!p4JGF%o%^vBNYQ<5S#&H
zK&lWhI0G~SDTI%HriwD8P?L0jWy4GdqOoFj6d}X_Vmd3Ur~EPFc{p|)Eeu-$q}*e#
zGq1&y;nU-pV<GdjC=&+FyjaFxLXM^#0~dM9*it7#g_(ieO9xaMfSQ@`+_8Uqy&|A8
zD1)C)Z6~imPfL@R5*6zljq)IP0rCHqx>!JHv^X{|iA4%Bw8A607G}7Adg`mf(S22Q
zOrY6A6U7R0@!%O03>3iaU2F*ApgpP>XSLzcxXxEeTsu3@#JaqPYfhq<0_um!H5r`@
zVhH^_XTkbG7PMbsH%>@Ecw1@Cj=WcY_q&PMhEZbL)n5L;7)Ie9o5{%HZ}uvP>>YVI
zWOefoyQa(4J}$uya!h<-^_ae6`Pr1Bb2H_kBR?4!s>oOdPT56akP(Ht=6!2YWUJ0w
z6N{-IHxQO(Y+8L;E1HcS_;g=bTAr);?-C$9h*mHAr>oN6!DmIs-bg#$d~7BXJpLxm
z=O8y9KN->85R(%MUm|q*?C^wz{fFH}NQ%)XE}6=>{fPt!)|jP>*wWXW0s;sChj_y8

diff --git a/.ci/docker-compose-file/certs/truststore.jks b/.ci/docker-compose-file/certs/truststore.jks
index cd97d01588c7befd6cfbbb679a3d02623380a241..5ea593a39bb7512727b38beb655c3770ee34f4ea 100644
GIT binary patch
literal 1318
zcmezO_TO6u1_mY|W(3o$xs}<el|WwGyT^V}46G4)rUsS_3@k4UnpmC~G%=lF;$&#O
z*Q=m-t(VV$myJ`a&7<u*FC!y2D}#ZFp^$+98*?ZN7Z0baZ(xK%NNRD3p`3vXNQ{|B
z)H$`NBr`2DIk6;F!LhU?BfluKq|!i6oY%<E(8$=pz{14P&@f7z*TmAm)X*HtCDYU<
zCM9I&F|sl+H!<-u0DZv4)WpQduqtcPdYSg?D}LSO$dcIdHQ+tRue?U%!uxZk@O%oJ
zP<E*#it!bfti9C?_q%%UAF3aH_}P=kDa<f?-I+O8z8-lc^XYTjFY})h?-(@lHeEAY
zo-qFni?Yzd&<=-B`_sZq+;_haiu00uTiWNFwogIf+v@Mv*rY!_|Jc4{)6BT=2UqT&
zIwDvfc20tEy>GAiogd~#h86OQ%RWCpdi2fRtdQg8&x4F7)PMQ9<=FDQ>VY|tU50y7
znGbs>tbM`Qxkqqka-<V)z~!oGT{BvDEYSKdy{|9mvGm1NsefJ;RBt>h#5D84mg@@E
zj$HH4{MQUVyvfn-Q?R_mi77YVPCm~!ahY88Oy+ZTmo%RVKhl&~@>b>Ve6Olys@Kj6
zy__=9*vtIKh2FfMfzOs!hADr{`M5V^f=N%uQO|m(Pm%kKJ49w$_I7Wbb4_;ZV%^ON
zN7)TLb@y&rA#(5|>x^)<U&=ktuk+V=mML*f)sstnY}utU?Y_g3S&94N3zoz`cl)~P
zaK**2i+6t7UkWPuo3%iEr6h+>nt#-0{)s0A^?x?)c&x!^tSs4X8EW%dxOLIf_1iQ<
z-J6e1wp=3ihwHgYBC8jh{0CdMR}WV_H*rv$bvjZ@meJwW@f|8t_I+7A>G+ZKD>rx9
z>Afjmbnot=WwMq<)2HoU_-U1o>Nh9(_5b(mx)~dKo%2O|#Y#7Gf4^cTW<~}^<P-u-
zz`zv3$l#(iYvJjq2B89d7jvs7Z`-f9b<)nS*M&-|ch0@NVqf!-jT~xP&X=^LQW%?^
z)IR>{<yqqUXIn=9{Dy~q;uCU<POdLa={mnOr&ZHqB13mf%Z=~Nk?b>i=S+(A{r|6P
zx$I%vCA(LaMVS{}78d_yCqHS6uj^c0gOK<&+YWowFO+hA7I!fBW$#Vz3Lc$%*4H#W
z1uf5+e7K>1e4ladrWOAUm>%8vv!Fh*Xtr>Kz1-YTmr55d<wd$h(`w~dPJA^CYy4Ka
zw?}_cOMyxItlTE68<Uplc$w`<KXx!_b@9W+bLPLD8f3;d`DyRhzPY^S@Be)|G0Fa1
z-_9S!7iXk6zc@YZkGMZ?^Lopv!i7u=Com^HHN2EFDIxXX_TIg|y3cL}^15HP5bdi~
zxU(W8{IREFr;RJ$Yq<+`#wx3PR{Bho6zu(S-`!2+*i4-_C*E(|*IPJ|x87e;<a@>Q
z=lhr4He9B(?%_MJhg+*nC%iXV{`c~?=6j7ZOiuK_JKv=q8R)_BobBPZtDQDtbB_Ji
z`g7=0V)(JvhAWl_8vnf1p5m8W@^ovlh?7j<ixY=Fu5fVIH7Q87W_+E$=NbFr4JW7f
zWK9oe<=-1%5z%~nA>VRm%j?e%9f+A{@XeSxaf)wZ&;GTkNoNl#KH^_fcxU(7g=Kj+
ziuQ2Ly=1kM<@I&eCNUnxY0>`AU%tBR{bD1}lUs@RnHrZzwQYD{_fh+@)qhSK0JC0G
AbN~PV

literal 1622
zcmV-c2C4Zlf(B9o0Ru3C1^fmHDuzgg_YDCD0ic2f?F51a=`ex?<uHN;;RXpRhDe6@
z4FLxRpn?U`FoFfn0s#Opf(6G02`Yw2hW8Bt2LUi<1_>&LNQU<f0R;^(Sui*T2`Yw2
zhW8Bt1q?7N1QZjCgZj(xyWiM~{>)EOumwXc=d1z(ClCSwATSID2r7n1hW8Bu2?YQ!
z9R>+thDZTr0|Wso1P}}uYk(Nh6jHK?jg?1k+sA-{1yD$Kl-+1u^qlu=j17ww4_OPa
zu?L5ne^q+7cGq#*5Xi|&{ajOF$)WAC!KY(M0BI=UMvouR<C`E4EtVB>iNw(DhAB$#
zA+&Q=ymGuZg$Nvghaioh+Jc16NX=0AI?+n-G*b7j4#S{B1yC^s7&^M*z+BxJ?d}B(
z3-ED;r1xR|1;L9AXrw^%q2W3<)?s0JbR=dSE$}W?qhht&NdJ=<F~hjRbY3R^B+9QU
z3samqYt+hMbv?xs7e-&!6ZXAP2mZghpj1wqZ5EBzhkE0Jfk2c#-F66d3-PgdI`x?f
zHGrO9z&~8hQD2Yc^XH^7YA58>ABWqKB)vR@?UMV8+^Ej(1xvd02A;okOWW4fOFuI`
z9Tj<^&^}5H=vaRpF!X9%j?^6TIAeFvmJtpKQxFWB;xq*7_uBZ@{X<PVP}@NAA+>pd
zyhkM;8T$j;$3p=j=+baW;LpN3hAw)hgQ5cnePyNdq40Le-bx``xEPR|yXrN_gV6s2
zBw?SPBx4|LhYgt|3{=ja?0Z_c`CeRp%lkP!Df7s9<#djTRZ!|H*z5|*u*fd2_8E2}
zR71rLUm~sWbvTkC$v{!M+!p(D&IEI<^L(m|xk>xE%-if+E-UqgA@eKb1J<JD`!VXH
z_1q0PkNXA<2GK=-ainzBfl@4_m)$$2J649rG+$k{H}TO!Dj79%-KQq)SVT<*Zw=rT
ztgG@%zzj>IB(8{pcFoZVaW3&qKTSw<0DXz8#;v++xFEZmf;ZP_P+9~1e54nAm`%6+
zA9I16r50Hw*({R|YM7urX13%<R|ls-(Qf=9@*MQ|V!gQq-P!YR*;!psHWBqeGMvsS
zf<y2TeSh2z4(kPUGm?^abYZ;faw-PiKhblrF%MBFT&)A<Q<^Xjo>ida1BC>v*5Z5`
zd`X{gNb<9WoueBPG~GP|V5(e{>vlUMTBv-3_KQ2jo~L&OdK9*_5)ZRBm;0fiPf>4O
z*ZB-RTpMav7@#Px%KV2Ts#ia`$>r7<Z3gr7SZ>wBcse$ra)&WtVs@W4Mh&N{M3V<3
ztuQzT&)SV4F7;O-Ue&ujumkp`O}q^f0UzWGh=6lX#)6vy&iUYNI#+~XguJ-l7*vC6
zLS9123Ru6<{FcC{n9(&lddcMFTf8xqdvH{k&3pe`v<WVYzKLOy7r?t^D=m$<d2HMZ
zHXNYF2%9M$e0mp(`&ts2MEnG(XqFn^`#bnPu!N&z=~6-rC4#&kI%|lvQwmGKe3Ixy
zy?uMsM%?6ZuS$T^My<^|PYwfD@8sP+H=zI|Pn@8^<$fuKL$;a(w3ci>Sq2+5;_qZ@
zg46`Riqw+$b4G8+x=lG~F)AxlR6Ypf^5&^q$M)RGd;!30B2lTJzAp|{x2Ma?c87Qy
zZ!sCL+sgo`s@=v%4ahYSD03VP>nJ~RO$>y?uSlk@QruQdZhPS58R>0e82I&raEL52
z`fM5EO5MBXWI|wgh>Fdxht{FhA7I=69I`Al55Ax_%?Gyldir~i_8=M&iSjZR*EX9R
zx1-_=cl6Qh#$`7LO5nT7lH!yU8%;$4b$`@-25fxGE*RN9HeCQ|jx|!qJ&ia*z>x&9
zoA}%-lzsD7k5YpenqR5+IQ1I~gbx-4uG8PmfeRRVo*Bz|fW%g<izAjbO#3NL#vI(-
zsFga1!Y?D*T!|vm^)=;?$~%(bTN5y-S<fK%x<Ti+hYdJCu*;~OhBm;`mpF=LdUGWr
zqRC}`M9DrZ<QnS0!ensm6vH$6u}G_;i~Be2B&m(nMhf_@>&<YRB<nCuFflL<1_@w>
zNC9O71OfpC00bav$px}Peye0XMhtIbMcGUfw-|BX{Ma=O`Y;u3i9R6&6j{DH7Xq8&
U_#+cuAFH4*5M$OX#sUH-5HWY@;{X5v

diff --git a/lib-ee/emqx_ee_bridge/test/emqx_ee_bridge_cassa_SUITE.erl b/lib-ee/emqx_ee_bridge/test/emqx_ee_bridge_cassa_SUITE.erl
index 41ac1c33f..89187bf5b 100644
--- a/lib-ee/emqx_ee_bridge/test/emqx_ee_bridge_cassa_SUITE.erl
+++ b/lib-ee/emqx_ee_bridge/test/emqx_ee_bridge_cassa_SUITE.erl
@@ -37,6 +37,15 @@
 -define(CASSA_PASSWORD, "public").
 -define(BATCH_SIZE, 10).
 
+%% cert files for client
+-define(CERT_ROOT,
+    filename:join([emqx_common_test_helpers:proj_root(), ".ci", "docker-compose-file", "certs"])
+).
+
+-define(CAFILE, filename:join(?CERT_ROOT, ["ca.crt"])).
+-define(CERTFILE, filename:join(?CERT_ROOT, ["client.pem"])).
+-define(KEYFILE, filename:join(?CERT_ROOT, ["client.key"])).
+
 %%------------------------------------------------------------------------------
 %% CT boilerplate
 %%------------------------------------------------------------------------------
@@ -196,6 +205,10 @@ cassa_config(BridgeType, Config) ->
             "  }\n"
             "  ssl = {\n"
             "    enable = ~w\n"
+            "    cacertfile = \"~s\"\n"
+            "    certfile = \"~s\"\n"
+            "    keyfile = \"~s\"\n"
+            "    server_name_indication = disable\n"
             "  }\n"
             "}",
             [
@@ -208,7 +221,10 @@ cassa_config(BridgeType, Config) ->
                 ?SQL_BRIDGE,
                 BatchSize,
                 QueryMode,
-                TlsEnabled
+                TlsEnabled,
+                ?CAFILE,
+                ?CERTFILE,
+                ?KEYFILE
             ]
         ),
     {Name, parse_and_check(ConfigString, BridgeType, Name)}.
@@ -257,12 +273,18 @@ connect_direct_cassa(Config) ->
         password => ?CASSA_PASSWORD,
         keyspace => ?CASSA_KEYSPACE
     },
-
     SslOpts =
         case ?config(enable_tls, Config) of
             true ->
                 Opts#{
-                    ssl => emqx_tls_lib:to_client_opts(#{enable => true})
+                    ssl => emqx_tls_lib:to_client_opts(
+                        #{
+                            enable => true,
+                            cacertfile => ?CAFILE,
+                            certfile => ?CERTFILE,
+                            keyfile => ?KEYFILE
+                        }
+                    )
                 };
             false ->
                 Opts
@@ -272,6 +294,8 @@ connect_direct_cassa(Config) ->
 
 % These funs connect and then stop the cassandra connection
 connect_and_create_table(Config) ->
+    %% XXX: drop first
+    _ = connect_and_drop_table(Config),
     Con = connect_direct_cassa(Config),
     {ok, _} = ecql:query(Con, ?SQL_CREATE_TABLE),
     ok = ecql:close(Con).
diff --git a/lib-ee/emqx_ee_connector/src/emqx_ee_connector_cassa.erl b/lib-ee/emqx_ee_connector/src/emqx_ee_connector_cassa.erl
index 6b7084e9e..cf25cd6d8 100644
--- a/lib-ee/emqx_ee_connector/src/emqx_ee_connector_cassa.erl
+++ b/lib-ee/emqx_ee_connector/src/emqx_ee_connector_cassa.erl
@@ -127,7 +127,6 @@ on_start(
         {pool_size, PoolSize}
     ],
 
-    %% FIXME: how to set tls options
     SslOpts =
         case maps:get(enable, SSL) of
             true ->