hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Xiaoyu Yao (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HDDS-548) Create a Self-Signed Certificate
Date Wed, 26 Sep 2018 22:19:00 GMT

    [ https://issues.apache.org/jira/browse/HDDS-548?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16629480#comment-16629480

Xiaoyu Yao commented on HDDS-548:

Thanks [~anu] for working on this. The patch looks good to me. Here are few comments:


We need to move HDDSKeyGenerator.java and HDDSKeyPEMWriter.java to under the o/a/h/h/security/x509/keys
to make package path and dir path match?



Line 60: NIT: do we support self-signed certificate for ozone in non CA?

Line 132: can we leverage the build-in X509v3CertificateBuilder/X500NameBuilder to build
DN and self-signed certificate for SCM? This way, we can have a simpler builder or don't
have to maintain our own builder class.

Line 213: we will need API to persist and load the self-signed certificate. Do you want to
add that in a separate JIRA?

> Create a Self-Signed Certificate
> --------------------------------
>                 Key: HDDS-548
>                 URL: https://issues.apache.org/jira/browse/HDDS-548
>             Project: Hadoop Distributed Data Store
>          Issue Type: Sub-task
>          Components: SCM
>    Affects Versions: 0.2.1
>            Reporter: Anu Engineer
>            Assignee: Anu Engineer
>            Priority: Major
>         Attachments: HDDS-548-HDDS-4.001.patch, HDDS-548-HDDS-4.002.patch, HDDS-548-HDDS-4.003.patch,
HDDS-548-HDDS-4.004.patch, HDDS-548.001.patch
> This Jira proposes to create a class that can create a self-signed certificate that can
help with testing and  can also act as a CA. This is needed to bootstrap SCM in the absence
of a user provided CA certificate and is also needed for testing.
> cc: [~ajayydv], [~xyao]

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: hdfs-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-help@hadoop.apache.org

View raw message