[ 
https://issues.apache.org/jira/browse/HDDS-548?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16629480#comment-16629480
 ] 

Xiaoyu Yao commented on HDDS-548:
---------------------------------

Thanks [~anu] for working on this. The patch looks good to me. Here are a few 
comments:

 

We need to move HDDSKeyGenerator.java and HDDSKeyPEMWriter.java under 
o/a/h/h/security/x509/keys to make the package path and dir path match?

 

SelfSignedCertificate.java

Line 60: NIT: do we support self-signed certificate for ozone in non CA?

Line 132: can we leverage the built-in X509v3CertificateBuilder/X500NameBuilder 
to build the DN and self-signed certificate for SCM? This way, we can have a 
simpler builder or don't have to maintain our own builder class.

Line 213: we will need an API to persist and load the self-signed certificate. Do 
you want to add that in a separate JIRA?

> Create a Self-Signed Certificate
> --------------------------------
>
>                 Key: HDDS-548
>                 URL: https://issues.apache.org/jira/browse/HDDS-548
>             Project: Hadoop Distributed Data Store
>          Issue Type: Sub-task
>          Components: SCM
>    Affects Versions: 0.2.1
>            Reporter: Anu Engineer
>            Assignee: Anu Engineer
>            Priority: Major
>         Attachments: HDDS-548-HDDS-4.001.patch, HDDS-548-HDDS-4.002.patch, 
> HDDS-548-HDDS-4.003.patch, HDDS-548-HDDS-4.004.patch, HDDS-548.001.patch
>
>
> This Jira proposes to create a class that can create a self-signed 
> certificate that can help with testing and can also act as a CA. This is 
> needed to bootstrap SCM in the absence of a user-provided CA certificate and 
> is also needed for testing.
> cc: [~ajayydv], [~xyao]



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
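
The Line 132 suggestion in the comment above, sketched as an added example (not code from the HDDS-548 patch or the Hadoop project): the DN is built with X500NameBuilder and the self-signed CA certificate with X509v3CertificateBuilder. It assumes BouncyCastle (bcprov and bcpkix) on the classpath; the class name, DN values, RSA-2048 with SHA256withRSA, and the one-year validity are illustrative choices.

```java
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.time.Duration;
import java.time.Instant;
import java.util.Date;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

// Hypothetical class; the names and values used in main() are constructed.
public class SelfSignedCaExample {
  static X509Certificate selfSign(KeyPair keys, String org, String cn, Duration validity)
      throws Exception {
    // Issuer and subject are the same DN: that is what makes the cert self-signed.
    X500Name name = new X500NameBuilder(BCStyle.INSTANCE)
        .addRDN(BCStyle.O, org).addRDN(BCStyle.CN, cn).build();
    Instant now = Instant.now();
    BigInteger serial = new BigInteger(64, new SecureRandom()).add(BigInteger.ONE);
    X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(
        name, serial, Date.from(now), Date.from(now.plus(validity)), name, keys.getPublic());
    // Critical extensions mark the cert as a CA that may sign certs and CRLs only.
    builder.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
    builder.addExtension(Extension.keyUsage, true,
        new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign));
    X509Certificate cert = new JcaX509CertificateConverter().getCertificate(
        builder.build(new JcaContentSignerBuilder("SHA256withRSA").build(keys.getPrivate())));
    cert.verify(keys.getPublic()); // throws if the signature does not match the key
    return cert;
  }

  public static void main(String[] args) throws Exception {
    KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
    gen.initialize(2048);
    X509Certificate cert = selfSign(gen.generateKeyPair(), "Example Org", "scm-ca.example",
        Duration.ofDays(365));
    System.out.println(cert.getSubjectX500Principal() + " isCA=" + (cert.getBasicConstraints() >= 0));
  }
}
```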
