xiaoyuyao opened a new pull request #1235: URL: https://github.com/apache/hadoop-ozone/pull/1235
… for GRPC TLS. ## What changes were proposed in this pull request? Adding SAN extension for SCM issued certificate and add DN certificate with sign/encrypt flag to meet requirement of SSL handshake with GRPC/Netty. ## What is the link to the Apache JIRA https://issues.apache.org/jira/browse/HDDS-3997 ## How was this patch tested? Test with real cluster before patch HDDS-3996 and HDDS-3997. Certificate does not have the required extension and flag, which fail the SSL handshake for Ratis operations like addGroup, leader election when ozone.grpc.tls.enabled is true. After the patch, verified the RATIS-Three pipeline can be created successfuly without SSL error. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: ozone-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: ozone-issues-h...@hadoop.apache.org