ChenSammi commented on PR #4493: URL: https://github.com/apache/ozone/pull/4493#issuecomment-1504393287
> Thank you @ChenSammi to work on this one further. The changes are looking good. One thing I would note on the added test, but this we I believe should address later, however we might want to note somewhere like here in the PR. > > The ozone admin cert list -c 1 command in theory should always return the rootCA cert, but if that happens after a rootCA cert rotation, we might compare with the wrong certificate here, on the other hand I am usure if we have any better way at the moment to get the root certificate. The same cert list command currently only lists the first 20 certificates, this test should generate 13 certificates combined, so we are on the safe side, but once there are more node added to this test for any reason, once we reach 20 the scm4 cert might not be on the list. @fapifta , for root CA rotation, I believe we need new corresponding tests in docker environment. If the new tests are added after all the existing tests, then all existing tests don't need any change, otherwise they need, so it depends on how the new tests in the coming root CA rotation will be created. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
