[
https://issues.apache.org/jira/browse/HADOOP-13992?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
John Zhuge updated HADOOP-13992:
--------------------------------
Attachment: HADOOP-13992.001.patch
Patch 001
* Make SSLFactory#readSSLConfiguration reusable
* Add parameter sslConf to KMSWebServer constructor
* MiniKMS and KMSWebServer$main leverage SSLFactory#readSSLConfiguration
Testing done
* TestSSLFactory
* TestKMS
* Run {{hadoop key list/create/roll/delete}} in insecure pseudo-dist cluster
* Run {{hadoop key list/create/roll/delete}} in ssl pseudo-dist cluster
* Run {{KMS_HTTP_PORT=1234 bin/hadoop kms}} to verify KMS is running on port
1234
* Run {{KMS_SSL_KEYSTORE_PASS=abcd bin/hadoop kms}} to expect wrong password
* Run {{KMS_SSL_KEYSTORE_FILE=/tmp/tt bin/hadoop kms}} to expect invalid
keystore path
> KMS should load SSL configuration the same way as SSLFactory
> ------------------------------------------------------------
>
> Key: HADOOP-13992
> URL: https://issues.apache.org/jira/browse/HADOOP-13992
> Project: Hadoop Common
> Issue Type: Bug
> Components: kms, security
> Affects Versions: 3.0.0-alpha2
> Reporter: John Zhuge
> Assignee: John Zhuge
> Attachments: HADOOP-13992.001.patch
>
>
> HADOOP-13597 loads SSL configuration in the different way than {{SSLFactory}}
> and other existing methods:
> * SSLFactory#readSSLConfiguration
> * DFSUtil#loadSslConfiguration
> * WebAppUtils#loadSslConfiguration
> It should conform to the existing method.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
