[ https://issues.apache.org/jira/browse/HDDS-11028?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
István Fajth updated HDDS-11028: -------------------------------- Summary: Replace PKCS10CertificationRequest usage in CertificateClient (was: Replace PKCS10CertificationRequest usage in CertificateClient to String) > Replace PKCS10CertificationRequest usage in CertificateClient > ------------------------------------------------------------- > > Key: HDDS-11028 > URL: https://issues.apache.org/jira/browse/HDDS-11028 > Project: Apache Ozone > Issue Type: Sub-task > Reporter: István Fajth > Priority: Major > > Currently the logic of the CertificateClient implementation to create a > certificate sign request, involves the CertificateSignRequest.Builder > implementation. > This Builder, at the end of the day returns a PKCS10CertificationRequest, > which is turned into a PEM encoded string format using > CertificateSignRequest#getEncodedString(PKCS10CertificationRequest) method > all the time, in order to send it to the CA server, where we re-create the > PKCS10CertificationRequest and then sign the certificate. > We can change this logic in a way where the CertificateSignRequest.Builder > returns a CertificateSignRequest object (as one would expect from its > Builder), which then is able to provide the PEM encoded String represenation > to the CertificateClient, this way we can ensure proper encapsulation of how > we deal with the CSR, and we can remove the BouncyCastle dependencies from > the CertificateClient classes. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@ozone.apache.org For additional commands, e-mail: issues-h...@ozone.apache.org