xiaoyuyao commented on a change in pull request #601: HDDS-1119. DN get OM
certificate from SCM CA for block token validat…
URL: https://github.com/apache/hadoop/pull/601#discussion_r265840441
##########
File path:
hadoop-hdds/common/src/main/java/org/apache/hadoop/hdds/security/x509/certificate/client/DefaultCertificateClient.java
##########
@@ -349,29 +441,39 @@ public X509Certificate queryCertificate(String query) {
}
/**
- * Stores the Certificate for this client. Don't use this api to add
- * trusted certificates of other components.
+ * Stores the Certificate for this client. Don't use this api to add trusted
+ * certificates of others.
*
- * @param certificate - X509 Certificate
+ * @param pemEncodedCert - pem encoded X509 Certificate
+ * @param force - override any existing file
* @throws CertificateException - on Error.
+ *
*/
@Override
- public void storeCertificate(X509Certificate certificate)
+ public void storeCertificate(String pemEncodedCert, boolean force)
throws CertificateException {
CertificateCodec certificateCodec = new CertificateCodec(securityConfig);
try {
- certificateCodec.writeCertificate(
- new X509CertificateHolder(certificate.getEncoded()));
- } catch (IOException | CertificateEncodingException e) {
+ Path basePath = securityConfig.getCertificateLocation();
+ String certName;
+ X509Certificate cert =
+ CertificateCodec.getX509Certificate(pemEncodedCert);
+ certName = String.format(CERT_FILE_NAME_FORMAT,
Review comment:
NIT: move line 458 to 461 and combine them together.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
