DaveTeng0 commented on PR #6716:
URL: https://github.com/apache/ozone/pull/6716#issuecomment-2125824519
Hello @fapifta @ChenSammi , I know you guys have been working on ozone's TLS
certificate infrastructure for a while, so I'd like to hear from you about the
current way I retrieve client side's certificate when Ozone is GRPC-enabled. I
currently use a
`certClient
.getObjectStore()
.getClientProxy()
.getOzoneManagerClient()
.getServiceInfo();
` in BaseRatisCommand#createGrpcTlsConf to get the serviceInfo from ozone.
Then I use that serviceInfo to get certificate
`CACertificateProvider remoteCAProvider =
serviceInfoEx::provideCACerts;
`
which would be used by the raft client in ozone-shell to connect to all raft
servers.
Feel free to let me know if any comment, like other better way to retrieve
the certificate, etc. thanks!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
