[
https://issues.apache.org/jira/browse/HDDS-8958?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17773193#comment-17773193
]
Janus Chow commented on HDDS-8958:
----------------------------------
After discussion with [~Sammi] , we think it's not a blocker to 1.4.0 release.
so added label of "non_1.4.0_blocker".
> Handle trust chain changes in clients when rootCAs are rotated.
> ---------------------------------------------------------------
>
> Key: HDDS-8958
> URL: https://issues.apache.org/jira/browse/HDDS-8958
> Project: Apache Ozone
> Issue Type: Sub-task
> Reporter: István Fajth
> Assignee: István Fajth
> Priority: Blocker
> Labels: non_1.4.0_blocker
>
> A long running client might run into the change when we create the new rootCA
> certificate, and renew all our internal certificates.
> In this case, as we do not have an option to notify the clients about the
> change, they will inevitably fail, however we can make sure if there is an
> SSL related failure, then we clean up the client caches, and reinitialize the
> basis of trust stores, then retry.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
