tolbertam commented on code in PR #3109:
URL: https://github.com/apache/cassandra/pull/3109#discussion_r1534711690
##########
src/java/org/apache/cassandra/auth/MutualTlsAuthenticator.java:
##########
@@ -208,9 +224,29 @@ public AuthenticatedUser getAuthenticatedUser() throws
AuthenticationException
nospamLogger.error(msg, identity);
throw new AuthenticationException(MessageFormatter.format(msg,
identity).getMessage());
}
+
+ // Validates that the certificate validity period does not exceed
the maximum certificate configured validity period
+ int minutesToCertificateExpiration =
certificateValidityPeriodValidator.validate(clientCertificateChain);
+ int daysToCertificateExpiration =
toDays(minutesToCertificateExpiration);
+
+ if (certificateValidityWarnThreshold != null
+ && minutesToCertificateExpiration <
certificateValidityWarnThreshold.toMinutes())
+ {
+ nospamLogger.warn("Certificate with identity '{}' will expire
in {} minutes",
Review Comment:
your solution for this looks great, thank you!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
