[
https://issues.apache.org/jira/browse/HDDS-696?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16698359#comment-16698359
]
Ajay Kumar commented on HDDS-696:
---------------------------------
[~anu] thanks for working on this. Seems patch doesn't apply to branch anymore.
Could you please rebase it.
Had a high level look on patch:
# DefaultCAServer
## Shall we move {{generateKeys, checkIfKeysExist and
checkIfCertificatesExist}} to a util class. They can be used in Tests and few
other places?
## Are you planning to implement requestCertificate and revokeCertificate
separately?
# SecurityConfig
## getCertificateLocation should include component part as well as same node
may have multiple components and hence multiple certs?
## Typo at L179/198: "addition component"
## L210: space in config name "hdds.key .len"
# TestSecureOzoneCluster L80 Shall we change it to static final while keeping
the name in uppercase.
> Bootstrap genesis SCM(CA) with self-signed certificate.
> -------------------------------------------------------
>
> Key: HDDS-696
> URL: https://issues.apache.org/jira/browse/HDDS-696
> Project: Hadoop Distributed Data Store
> Issue Type: Sub-task
> Reporter: Xiaoyu Yao
> Assignee: Anu Engineer
> Priority: Major
> Attachments: HDDS-696-HDDS-4.001.patch, HDDS-696-HDDS-4.002.patch
>
>
> If security is enabled, SCM will generate the CA certs and bootstrap a CA. If
> it is already bootstrapped it the keys and root certificates are read from
> the secure store, if not, they are generated.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
