ashishkumar50 commented on code in PR #4934:
URL: https://github.com/apache/ozone/pull/4934#discussion_r1235004988
##########
hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMSecurityProtocolServer.java:
##########
@@ -232,6 +233,17 @@ private void validateSecretKeyStatus() throws
SCMSecretKeyException {
}
}
+ @Override
+ public synchronized List<String> getAllRootCaCertificates()
Review Comment:
As the name suggest this method is intended to use just for retrieving
Certificate. If `rootCACertificate` is going to change that will be in other
method. I think we should protect this with lock and use read/write lock
accordingly.
##########
hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMSecurityProtocolServer.java:
##########
@@ -101,7 +102,7 @@ public class SCMSecurityProtocolServer implements
SCMSecurityProtocol,
.getLogger(SCMSecurityProtocolServer.class);
private final CertificateServer rootCertificateServer;
private final CertificateServer scmCertificateServer;
- private final X509Certificate rootCACertificate;
+ private final List<X509Certificate> rootCACertificate;
Review Comment:
Can we change the name to add suffix/prefix "list" to avoid confusion that
it not just single Certificate.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
