[jira] [Work logged] (HDDS-1065) OM and DN should persist SCM certificate as the trust root.

Mon, 22 Apr 2019 19:00:42 -0700 


     [ 
https://issues.apache.org/jira/browse/HDDS-1065?focusedWorklogId=230992&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-230992
 ]

ASF GitHub Bot logged work on HDDS-1065:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 23/Apr/19 01:59
            Start Date: 23/Apr/19 01:59
    Worklog Time Spent: 10m 
      Work Description: ajayydv commented on pull request #754: HDDS-1065. OM 
and DN should persist SCM certificate as the trust root. Contributed by Ajay 
Kumar.
URL: https://github.com/apache/hadoop/pull/754#discussion_r277495379
 
 

 ##########
 File path: 
hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/HddsDatanodeService.java
 ##########
 @@ -268,10 +268,13 @@ private void getSCMSignedCert(OzoneConfiguration config) 
{
 
       String pemEncodedCert = secureScmClient.getDataNodeCertificate(
           datanodeDetails.getProtoBufMessage(), getEncodedString(csr));
-      dnCertClient.storeCertificate(pemEncodedCert, true);
+      dnCertClient.storeCertificate(pemEncodedCert, true, false);
       datanodeDetails.setCertSerialId(getX509Certificate(pemEncodedCert).
           getSerialNumber().toString());
       persistDatanodeDetails(datanodeDetails);
+      // Get SCM CA certificate and store it in filesystem.
+      String pemEncodedRootCert = secureScmClient.getCACertificate();
 
 Review comment:
   As of now we don't have functionality to look up certificates by subject or 
scm id. getCACertificate returns default certificate for SCM who signed it.
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 230992)
    Time Spent: 1h  (was: 50m)

> OM and DN should persist SCM certificate as the trust root.
> -----------------------------------------------------------
>
>                 Key: HDDS-1065
>                 URL: https://issues.apache.org/jira/browse/HDDS-1065
>             Project: Hadoop Distributed Data Store
>          Issue Type: Sub-task
>            Reporter: Ajay Kumar
>            Assignee: Ajay Kumar
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 1h
>  Remaining Estimate: 0h
>
> OM and DN should persist SCM certificate as the trust root.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org

Reply via email to