Alexey Serbin has posted comments on this change. Change subject: security: generate certs on the tserver, sign them on the master ......................................................................
Patch Set 4: Code-Review+2 (1 comment) http://gerrit.cloudera.org:8080/#/c/5766/4/src/kudu/master/master_cert_authority.cc File src/kudu/master/master_cert_authority.cc: PS4, Line 110: can the signer : // modify the CSR to add fields, etc, indicating when/where it was signed? : // maybe useful for debugging. Good idea. I think we can add functionality to allow the cert signer to specify comment (there is 'Netscape comment' extension). Right now that field is in the CSR request itself, but I think we can allow the cert signer to modify that -- I'll take a look at that. -- To view, visit http://gerrit.cloudera.org:8080/5766 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: comment Gerrit-Change-Id: I3eb8ab4edc17e2fa1a54e0123a06dabc59a0489b Gerrit-PatchSet: 4 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Todd Lipcon <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: Tidy Bot Gerrit-Reviewer: Todd Lipcon <[email protected]> Gerrit-HasComments: Yes
