[
https://issues.apache.org/jira/browse/HADOOP-15981?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16972304#comment-16972304
]
Anu Engineer commented on HADOOP-15981:
---------------------------------------
I just wanted to flag that Ozone has a complete Certificate Server and all the
associated interface.
We can bring it into Hadoop Common if there is some interest.
it has an interface based approach, so that if we want to use an external CA,
we can like the Key Management server or even have it running independently.
> Add mutual TLS support for RPC
> ------------------------------
>
> Key: HADOOP-15981
> URL: https://issues.apache.org/jira/browse/HADOOP-15981
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: ipc, security
> Reporter: Daryn Sharp
> Assignee: Daryn Sharp
> Priority: Major
>
> The RPC server should allow optionally enabling mutual TLS as 1st class
> authentication. If enabled, a client cert may provide the user's identity or
> fallback to kerberos or token. Essentially the placeholder CERTIFICATE
> authentication method will be implemented and offered as an authentication
> method during connection negotiation.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
