[
https://issues.apache.org/jira/browse/HDDS-8598?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
István Fajth resolved HDDS-8598.
--------------------------------
Resolution: Fixed
As we replace all directories that holds certificate material, and at the end
of the rotation we remove it from the backup, with that old saved rootCA certs
are also removed from nodes.
This was done as part of HDDS-7339.
> Add cleanup logic to remove old CA related material
> ---------------------------------------------------
>
> Key: HDDS-8598
> URL: https://issues.apache.org/jira/browse/HDDS-8598
> Project: Apache Ozone
> Issue Type: Sub-task
> Components: Security
> Reporter: Szabolcs Gál
> Priority: Major
> Labels: pki
>
> After the root CA certificate related changes are integrated to client side
> (OM, Datanode, Recon) the old material to root CA and sub CAs signed by that
> root CA can be removed. This should only be done after the old root CA
> certificate has expired just to make sure nothing goes wrong.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
