[ https://issues.apache.org/jira/browse/HDDS-548?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16629480#comment-16629480 ]
Xiaoyu Yao commented on HDDS-548: --------------------------------- Thanks [~anu] for working on this. The patch looks good to me. Here are few comments: We need to move HDDSKeyGenerator.java and HDDSKeyPEMWriter.java to under the o/a/h/h/security/x509/keys to make package path and dir path match? SelfSignedCertificate.java Line 60: NIT: do we support self-signed certificate for ozone in non CA? Line 132: can we leverage the build-in X509v3CertificateBuilder/X500NameBuilder to build DN and self-signed certificate for SCM? This way, we can have a simpler builder or don't have to maintain our own builder class. Line 213: we will need API to persist and load the self-signed certificate. Do you want to add that in a separate JIRA? > Create a Self-Signed Certificate > -------------------------------- > > Key: HDDS-548 > URL: https://issues.apache.org/jira/browse/HDDS-548 > Project: Hadoop Distributed Data Store > Issue Type: Sub-task > Components: SCM > Affects Versions: 0.2.1 > Reporter: Anu Engineer > Assignee: Anu Engineer > Priority: Major > Attachments: HDDS-548-HDDS-4.001.patch, HDDS-548-HDDS-4.002.patch, > HDDS-548-HDDS-4.003.patch, HDDS-548-HDDS-4.004.patch, HDDS-548.001.patch > > > This Jira proposes to create a class that can create a self-signed > certificate that can help with testing and can also act as a CA. This is > needed to bootstrap SCM in the absence of a user provided CA certificate and > is also needed for testing. > cc: [~ajayydv], [~xyao] -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org