[
https://issues.apache.org/jira/browse/HDDS-8592?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sammi Chen updated HDDS-8592:
-----------------------------
Summary: Fetch and save all root certificates during service's certificate
rotation (was: Fetch and save all root certificates during service's
certificate roration)
> Fetch and save all root certificates during service's certificate rotation
> --------------------------------------------------------------------------
>
> Key: HDDS-8592
> URL: https://issues.apache.org/jira/browse/HDDS-8592
> Project: Apache Ozone
> Issue Type: Sub-task
> Components: Security
> Reporter: Szabolcs Gál
> Assignee: Szabolcs Gál
> Priority: Major
> Labels: pki, pull-request-available
>
> There are a few steps needed before the final piece of root CA rotation can
> be fully implemented on client side.
> DefaultCertificateClient needs the CertificateLifeTime monitor to be updated
> to be able to run when root ca rotation is scheduled not just when regular
> certificate rotation is in progress.
> SignAndStoreCertificate currently is scattered across 3-4 different places,
> whereas a central location would fully suffice, and it also needs to be
> updated to use the new protocol to get the root CAs from the SCM.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
