fapifta opened a new pull request, #6842: URL: https://github.com/apache/ozone/pull/6842
## What changes were proposed in this pull request? Within CertificateClient implementations, we use the CertificateSignRequest class to configure a BouncyCastle PKCS10CertificationRequest object. To remove this dependency, we should use our own CertificateSignRequest class throughout the whole client side, then transform it to a PEM encoded String and transfer it as is to the server side. This way, the conversion itself can be moved later on to the crypto module, and then we can let implementors implement the conversion to a string based representation separatly, and use that from our CertificateSignRequest object later on dynamically. This PR fully removes the usage of the BouncyCastle classes from the CertificateClient, and changes the related tests and business logic to use CertificateSignRequest instead. Note: On the server side, the certificate sign request should be passed on as this String representation all the way down to the actual act of signing and issueing the certificate. This part will come with HDDS-11029. This PR contains TODO notices for the usages of CertificateSignRequest#generateCSR() method, as those have to be revisited, and related tests should either be rewritten to use CertificateSignRequest or moved to the crypto modules if they still need to utilize the PKCS10CertificationRequest class from BouncyCastle. ## What is the link to the Apache JIRA https://issues.apache.org/jira/browse/HDDS-11028 ## How was this patch tested? As this is a code refactoring only, the exsisting tests should be sufficient to prove that everything still works. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
