[
https://issues.apache.org/jira/browse/HDDS-778?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16670636#comment-16670636
]
Ajay Kumar commented on HDDS-778:
---------------------------------
[~anu] thanks for the patch. LGTM.
* CertificateClient
** Shall we remove component parameter from following APIs?
*** getPrivateKey, storePrivateKey, storeCertificate
*** Having component in function parameters gives an impression that one
component can override/write private keys for other one which we would like to
avoid.
** Typo in java doc: {{Certificate client provides *and* interface}}
* CertificateServer
** Do we need api to get certificate for given component/client or check for
it?
> Add an interface for CA and Clients for Certificate operations
> --------------------------------------------------------------
>
> Key: HDDS-778
> URL: https://issues.apache.org/jira/browse/HDDS-778
> Project: Hadoop Distributed Data Store
> Issue Type: Sub-task
> Components: SCM, SCM Client
> Reporter: Anu Engineer
> Assignee: Anu Engineer
> Priority: Major
> Attachments: HDDS-778-HDDS-4.001.patch
>
>
> This JIRA proposes to add an interface specification that can be programmed
> against by Datanodes and Ozone Manager and other clients that want to use the
> certificate-based security features of HDDS.
> We will also add a Certificate Server interface, this interface can be used
> to use non-SCM based CA or if we need to use HSM based secret storage
> services.
> At this point, it is simply an interface and nothing more. Thanks to [~xyao]
> for suggesting this idea.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
