[
https://issues.apache.org/jira/browse/HDDS-11028?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ASF GitHub Bot updated HDDS-11028:
----------------------------------
Labels: pull-request-available (was: )
> Replace PKCS10CertificationRequest usage in CertificateClient
> -------------------------------------------------------------
>
> Key: HDDS-11028
> URL: https://issues.apache.org/jira/browse/HDDS-11028
> Project: Apache Ozone
> Issue Type: Sub-task
> Reporter: István Fajth
> Assignee: István Fajth
> Priority: Major
> Labels: pull-request-available
>
> Currently the logic of the CertificateClient implementation to create a
> certificate sign request, involves the CertificateSignRequest.Builder
> implementation.
> This Builder, at the end of the day returns a PKCS10CertificationRequest,
> which is turned into a PEM encoded string format using
> CertificateSignRequest#getEncodedString(PKCS10CertificationRequest) method
> all the time, in order to send it to the CA server, where we re-create the
> PKCS10CertificationRequest and then sign the certificate.
> We can change this logic in a way where the CertificateSignRequest.Builder
> returns a CertificateSignRequest object (as one would expect from its
> Builder), which then is able to provide the PEM encoded String represenation
> to the CertificateClient, this way we can ensure proper encapsulation of how
> we deal with the CSR, and we can remove the BouncyCastle dependencies from
> the CertificateClient classes.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
