István Fajth created HDDS-7332:
----------------------------------
Summary: Automatic certificate rotation before certificate
expiration
Key: HDDS-7332
URL: https://issues.apache.org/jira/browse/HDDS-7332
Project: Apache Ozone
Issue Type: Improvement
Components: Security
Reporter: István Fajth
Assignee: István Fajth
As per the doc in HDDS-7331, the goals here are:
- implement a certificate owner driven certificate renewal before expiration in
services
- implement certificate hotswap without service disruption
- introduce multiple certificates for different uses in services, separate
these concerns on the certificates level
- start to include the whole trust chain in a certificate bundle, and use that
instead of the sole certificate (with that allow us to have an arbitrary number
of entities in the trust chain that we don't need to pre-distribute to
truststores.)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
