[jira] [Updated] (HDDS-5055) Fix TLSClientConfig in DN/Client

Wed, 31 Mar 2021 09:25:04 -0700 


     [ 
https://issues.apache.org/jira/browse/HDDS-5055?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Bharat Viswanadham updated HDDS-5055:
-------------------------------------
    Description: 
TLSClientConfig in DN should use DN privateKey, DN Cert, CALIst, and MTLS to 
true.

Today it uses below as TLSClientConfig

{code:java}
      tlsConfig = new GrpcTlsConfig(null, null,
          caCerts, false);
{code}

This is used in RaftClient for making add Group call in 
CreatePipelineCommandHandler.


And in createTLSParameters for client config set mTLS to true which is used by 
DN.
{code:java}
      GrpcTlsConfig clientConfig = new GrpcTlsConfig(
          caClient.getPrivateKey(), caClient.getCertificate(),
          caList, false);
      GrpcConfigKeys.Client.setTlsConf(parameters, clientConfig);
{code}


  was:
TLSClientConfig in DN should use DN privateKey, DN Cert, CALIst, and MTLS to 
true.

Today it uses below as TLSClientConfig

{code:java}
      tlsConfig = new GrpcTlsConfig(null, null,
          caCerts, false);
{code}

This is used in RaftClient for making add Group call in 
CreatePipelineCommandHandler.

{code:java}
      GrpcTlsConfig clientConfig = new GrpcTlsConfig(
          caClient.getPrivateKey(), caClient.getCertificate(),
          caList, false);
{code}
And in createTLSParameters for client config set mTLS to true which is used by 
DN.



> Fix TLSClientConfig in DN/Client
> --------------------------------
>
>                 Key: HDDS-5055
>                 URL: https://issues.apache.org/jira/browse/HDDS-5055
>             Project: Apache Ozone
>          Issue Type: Bug
>            Reporter: Bharat Viswanadham
>            Assignee: Bharat Viswanadham
>            Priority: Major
>
> TLSClientConfig in DN should use DN privateKey, DN Cert, CALIst, and MTLS to 
> true.
> Today it uses below as TLSClientConfig
> {code:java}
>       tlsConfig = new GrpcTlsConfig(null, null,
>           caCerts, false);
> {code}
> This is used in RaftClient for making add Group call in 
> CreatePipelineCommandHandler.
> And in createTLSParameters for client config set mTLS to true which is used 
> by DN.
> {code:java}
>       GrpcTlsConfig clientConfig = new GrpcTlsConfig(
>           caClient.getPrivateKey(), caClient.getCertificate(),
>           caList, false);
>       GrpcConfigKeys.Client.setTlsConf(parameters, clientConfig);
> {code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to