István Fajth created HDDS-7377:
----------------------------------
Summary: Implement certificate hotswap at renewal
Key: HDDS-7377
URL: https://issues.apache.org/jira/browse/HDDS-7377
Project: Apache Ozone
Issue Type: Sub-task
Reporter: István Fajth
Assignee: István Fajth
Once a certificate is renewed by a service, Ozone services should start to use
it for new connections right away, while the already established connections
also has to refresh their context so that if for whatever reason it is
necessary to use the certificate and the keypair again, the established
connections use the new certificate material after the point when the new
certificate is signed and valid.
As a basic idea, we can either use this solution, or a similar one that fits
our internal needs:
https://github.com/Hakky54/java-tutorials/tree/main/grpc-client-server-with-ssl/instant-server-ssl-reloading-with-grpc
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
