[ https://issues.apache.org/jira/browse/HDDS-696?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16699544#comment-16699544 ]
Anu Engineer commented on HDDS-696: ----------------------------------- Thanks for the comments. bq. Shall we move generateKeys, checkIfKeysExist and checkIfCertificatesExist to a util class. They can be used in Tests and few other places? It is a good idea to have a version of these in the client eventually. But I would prefer those functions to actually decode these files. In the CA, we only check if the file exists, since the next function call will decode them. So I when I get to the client functions I will add them in a proper way, that does not only check for file existence, but also decode the objects in question. bq. Are you planning to implement requestCertificate and revokeCertificate separately? Yes, in the next patch. This patch is already too big. bq. getCertificateLocation should include component part as well as same node may have multiple components and hence multiple certs? I agree we do have an overloaded function with component, in this patch. Line 204 after this patch is applied. I will fix the rest of the issues and upload a new patch. > Bootstrap genesis SCM(CA) with self-signed certificate. > ------------------------------------------------------- > > Key: HDDS-696 > URL: https://issues.apache.org/jira/browse/HDDS-696 > Project: Hadoop Distributed Data Store > Issue Type: Sub-task > Reporter: Xiaoyu Yao > Assignee: Anu Engineer > Priority: Major > Attachments: HDDS-696-HDDS-4.001.patch, HDDS-696-HDDS-4.002.patch > > > If security is enabled, SCM will generate the CA certs and bootstrap a CA. If > it is already bootstrapped it the keys and root certificates are read from > the secure store, if not, they are generated. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org