Sammi Chen created HDDS-7723:
--------------------------------
Summary: Refresh Keys and Certificate used in OzoneSecretManager
after certificate renewed
Key: HDDS-7723
URL: https://issues.apache.org/jira/browse/HDDS-7723
Project: Apache Ozone
Issue Type: Sub-task
Reporter: Sammi Chen
Assignee: Sammi Chen
There are three child class of OzoneSecretManager. The current behavior is,
# OzoneDelegationTokenSecretManager , use OM's private key to calculate the
delegation token signature, OM's certificate to verify the delegation token on
token renew request on OM.
# OzoneBlockTokenSecretManager, use OM's private key to calculate the block
token signature, OM's certificate to verify the block token on DN.
# ContainerTokenSecretManager, use SCM's private key to calculate the
container token signature, SCM's certificate to verify the container token on
DN.
OzoneBlockTokenSecretManager and ContainerTokenSecretManager are also leveraged
in EC Reconstruction coordinator on DN. This time, DN's private key and
certificates are used to do the signature calculation and verification.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
