István Fajth created HDDS-7399:
----------------------------------

             Summary: Enable to specify an external rootCA certificate to be used internally
                 Key: HDDS-7399
                 URL: https://issues.apache.org/jira/browse/HDDS-7399
             Project: Apache Ozone
          Issue Type: Sub-task
            Reporter: István Fajth
            Assignee: István Fajth


In certain organizations, the security requirements may include disallowing the 
use of any separate trust chain that is distinct from the organisational 
chain.
In the case of Ozone, the internal trust chain is independent and transparent, 
but we would still like to conform to this requirement in the long run.

In order to conform to such regulations, we need to make it possible to 
specify an external CA certificate instead of the self-signed one that we use 
as the root of all trust within Ozone.

This feature comes with its own problems: if this certificate is specified 
as part of a configuration, it may change while the service is 
restarting.
We can detect this change, as we should store our certificates in a way that 
lets us provide the certificate bundles, and those include the root CA 
certificate, but we also need to handle this during startup.

If a new root CA certificate is provided to the system at startup, that 
effectively means that we need to revoke the current certificates and go 
through a procedure similar to the one we plan to have for the revocation of 
the internally generated rootCA certificate, with the fundamental difference 
that we have to do it at startup and we cannot rely on the old certificate at 
all, as we cannot assume that the old rootCA certificate is not already 
revoked or expired at this point.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
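
The startup check described in the issue above, as an added example that is not part of the original message or of Apache Ozone's code: it compares the root CA in a stored certificate bundle with the configured one by DER fingerprint and never consults the old root's validity. The action names, the leaf-first/root-last bundle order and the sample data are assumptions made for illustration.

```python
import base64
import hashlib
import re

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)

def der_certs(pem_text):
    """Return the DER bytes of every certificate block in a PEM bundle."""
    return [base64.b64decode("".join(body.split()))
            for body in PEM_RE.findall(pem_text)]

def fingerprint(der):
    """SHA-256 over the DER encoding, so PEM line endings do not matter."""
    return hashlib.sha256(der).hexdigest()

def startup_action(stored_bundle_pem, configured_root_pem):
    """Decide what a service does at startup (action names are hypothetical)."""
    configured = der_certs(configured_root_pem)
    if len(configured) != 1:
        raise ValueError("expected exactly one configured root CA certificate")
    stored = der_certs(stored_bundle_pem)
    if not stored:
        return "BOOTSTRAP"  # nothing has been issued under any root yet
    # Assumption: the stored bundle is ordered leaf first, root CA last.
    if fingerprint(stored[-1]) == fingerprint(configured[0]):
        return "KEEP_CERTIFICATES"
    # Root changed: the old root is deliberately not validated or consulted,
    # because it may already be expired or revoked at this point.
    return "REVOKE_AND_REISSUE"

def constructed_pem(payload):
    """Wrap arbitrary bytes in PEM armor: constructed sample, not real X.509."""
    body = base64.encodebytes(payload).decode()
    return f"-----BEGIN CERTIFICATE-----\n{body}-----END CERTIFICATE-----\n"

# Constructed sample data standing in for real certificates.
OLD_ROOT = constructed_pem(b"constructed old root CA")
NEW_ROOT = constructed_pem(b"constructed organisational root CA")
STORED_BUNDLE = constructed_pem(b"constructed service cert") + OLD_ROOT

if __name__ == "__main__":
    print(startup_action(STORED_BUNDLE, OLD_ROOT))
    print(startup_action(STORED_BUNDLE, NEW_ROOT))
    print(startup_action("", NEW_ROOT))
```

Comparing DER fingerprints rather than file bytes means a re-saved configuration file with different line endings does not trigger a reissue.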
