xiaoyuyao opened a new pull request #1662: URL: https://github.com/apache/ozone/pull/1662
## What changes were proposed in this pull request? Adding scm admin CLI that allows list/info of certificates issued by SCM. ## What is the link to the Apache JIRA https://issues.apache.org/jira/browse/HDDS-4507 ## How was this patch tested? Manual testing and added acceptance tests. Some sample output from the secure docker-compose tests: ``` bash-4.2$ ozone admin cert list Total 2 certificates: SerialNumber Valid From Valid To SubjectDN 162534446438373 Fri Dec 04 00:00:00 UTC 2020 Sat Dec 04 00:00:00 UTC 2021 O=CID-e66d4728-32bb-4282-9770-351a7e913f07, OU=9a7c4f86-c862-4067-b12c-e7bca51d3dfe, CN=root@98dba189d5f0 162539371895176 Fri Dec 04 00:00:00 UTC 2020 Sat Dec 04 00:00:00 UTC 2021 O=CID-e66d4728-32bb-4282-9770-351a7e913f07, OU=9a7c4f86-c862-4067-b12c-e7bca51d3dfe, CN=root@om bash-4.2$ ozone admin cert info 162534446438373 Certificate id: 162534446438373 [ [ Version: V3 Subject: O=CID-e66d4728-32bb-4282-9770-351a7e913f07, OU=9a7c4f86-c862-4067-b12c-e7bca51d3dfe, CN=root@98dba189d5f0 Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11 Key: Sun RSA public key, 2048 bits params: null modulus: 24806810118367241194658833827043803266877657186456658855596213136768102796770845408683173562136109706337504703762278823248064939126605922536706398494552519304046563760721405567561225347040817363478681331703066244115852219139469122223241709063757595312816247866140634820764064474476952921773834501990682283839739318837357655559721194886161431153233435981439604681713663793973302213334133049194782787272432327228295568609757685618877407821955619561565819371349614206516475628783276797817072763118799254983084703106079148861996087128871753598723315633255615570964183253537675150414328735894758347846430289465070670386317 public exponent: 65537 Validity: [From: Fri Dec 04 00:00:00 UTC 2020, To: Sat Dec 04 00:00:00 UTC 2021] Issuer: O=CID-e66d4728-32bb-4282-9770-351a7e913f07, OU=9a7c4f86-c862-4067-b12c-e7bca51d3dfe, CN=scm@scm SerialNumber: [ 93d2fff1 97e5] Certificate Extensions: 2 [1]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [ DigitalSignature Key_Encipherment Data_Encipherment Key_Agreement ] [2]: ObjectId: 2.5.29.17 Criticality=false SubjectAlternativeName [ IPAddress: 172.27.0.2 ] ] Algorithm: [SHA256withRSA] Signature: 0000: 3D 29 84 1D 8D BA 53 F6 00 B7 21 85 E1 3F 0C C5 =)....S...!..?.. 0010: B3 AA 27 DA 5D E9 C7 9E 46 01 71 10 E4 2D D1 25 ..'.]...F.q..-.% 0020: FC 93 49 0F 4F 97 37 18 E9 32 3E 2D 31 8F 59 17 ..I.O.7..2>-1.Y. 0030: 89 6D A3 2D FD 7E BC FD C5 38 57 92 C1 ED 99 C6 .m.-.....8W..... 0040: 14 3B 9E CD 8E 90 26 3F E7 D0 9B 33 E4 0A 37 03 .;....&?...3..7. 0050: DF 33 08 75 FC F1 F3 44 E6 85 CF DD 37 2A 47 47 .3.u...D....7*GG 0060: 28 CF E3 A2 19 92 2A C0 1A 93 2B B5 0D D1 7C 7F (.....*...+..... 0070: 32 5D 02 61 0B A1 DF 2E 71 07 98 22 91 93 5D A5 2].a....q.."..]. 0080: BD 77 28 8A E8 45 90 9A AE 9D 45 F0 BB 33 7A 32 .w(..E....E..3z2 0090: 6D 71 47 EB 0B 32 EA 76 8C 1D 92 AE 02 02 FB 73 mqG..2.v.......s 00A0: CB AE 86 B6 00 51 58 96 F3 2E 7A 85 CB 4B 19 FF .....QX...z..K.. 00B0: 49 AA ED F0 47 AA E8 1E AD 80 92 BF 99 D4 C6 46 I...G..........F 00C0: 9F B9 9E CF 8D 45 40 D2 A0 2A 02 98 DC 41 11 D5 .....E@..*...A.. 00D0: 90 CD 7E BC DE 95 AE 06 13 6C F4 C9 57 DA B2 80 .........l..W... 00E0: 63 69 55 6C 25 9F 0A BE EE 46 EF 9F 19 EE 1A 7A ciUl%....F.....z 00F0: 96 88 DD 48 5E CE E2 AE D1 C6 5C C2 83 23 71 A9 ...H^.....\..#q. ] ``` ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
