bharatviswa504 commented on a change in pull request #1958:
URL: https://github.com/apache/ozone/pull/1958#discussion_r582688545
##########
File path:
hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMSecurityProtocolServer.java
##########
@@ -156,6 +159,44 @@ public String getOMCertificate(OzoneManagerDetailsProto
omDetails,
}
}
+
+ /**
+ * Get SCM signed certificate for SCM peer Node.
+ *
+ * @param scmNodeDetails - SCM Node Details.
+ * @param certSignReq - Certificate signing request.
+ * @return String - SCM signed pem encoded certificate.
+ */
+ @Override
+ public String generateSCMPeerCertificate(ScmNodeDetailsProto scmNodeDetails,
+ String certSignReq) throws IOException {
+ Objects.requireNonNull(scmNodeDetails);
+ LOGGER.info("Processing CSR for scm {}, nodeId: {}",
+ scmNodeDetails.getHostName(), scmNodeDetails.getScmNodeId());
+
+ // Check clusterID
+ if (storageContainerManager.getClusterId().equals(
+ scmNodeDetails.getClusterId())) {
+ throw new IOException("SCM ClusterId mismatch. Peer SCM ClusterId, " +
+ scmNodeDetails.getClusterId() + "leader SCM ClusterId "
+ + storageContainerManager.getClusterId());
+ }
+
+
+ Future<X509CertificateHolder> future =
+ certificateServer.requestCertificate(certSignReq,
+ KERBEROS_TRUSTED, true);
+
+ try {
+ return CertificateCodec.getPEMEncodedString(future.get());
+ } catch (InterruptedException e) {
+ Thread.currentThread().interrupt();
+ throw new IOException("generateSCMPeerCertificate operation failed. ",
e);
+ } catch (ExecutionException e) {
+ throw new IOException("generateSCMPeerCertificate operation failed. ",
e);
+ }
Review comment:
Done
##########
File path:
hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMSecurityProtocolServer.java
##########
@@ -156,6 +159,44 @@ public String getOMCertificate(OzoneManagerDetailsProto
omDetails,
}
}
+
+ /**
+ * Get SCM signed certificate for SCM peer Node.
+ *
+ * @param scmNodeDetails - SCM Node Details.
+ * @param certSignReq - Certificate signing request.
+ * @return String - SCM signed pem encoded certificate.
+ */
+ @Override
+ public String generateSCMPeerCertificate(ScmNodeDetailsProto scmNodeDetails,
+ String certSignReq) throws IOException {
+ Objects.requireNonNull(scmNodeDetails);
+ LOGGER.info("Processing CSR for scm {}, nodeId: {}",
+ scmNodeDetails.getHostName(), scmNodeDetails.getScmNodeId());
+
+ // Check clusterID
+ if (storageContainerManager.getClusterId().equals(
+ scmNodeDetails.getClusterId())) {
+ throw new IOException("SCM ClusterId mismatch. Peer SCM ClusterId, " +
+ scmNodeDetails.getClusterId() + "leader SCM ClusterId "
Review comment:
Done
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
