You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ozone.apache.org by "Vivek Ratnavel Subramanian (Jira)" <ji...@apache.org> on 2021/11/23 00:34:00 UTC

[jira] [Created] (HDDS-6030) Support for External Root CA

Vivek Ratnavel Subramanian created HDDS-6030:
------------------------------------------------

             Summary: Support for External Root CA
                 Key: HDDS-6030
                 URL: https://issues.apache.org/jira/browse/HDDS-6030
             Project: Apache Ozone
          Issue Type: New Feature
          Components: OM, Ozone Datanode, SCM, Security
    Affects Versions: 1.2.0
            Reporter: Vivek Ratnavel Subramanian
            Assignee: Vivek Ratnavel Subramanian
         Attachments: External root CA support  - Design Doc v1.pdf

Currently, Ozone brings its own CA and intermediate CAs through SCM instances when security is enabled and doesn't support deployments with an existing Root CA. Oftentimes enterprise customers have their own root CA and intermediate CAs set up and configured to sign the certificates within their organization. 

This jira can be used to track this feature of supporting external Root CA in Ozone. This feature might require changes or updates to the security bootstrap flow of all the components. And, hence the feature can be tracked in a separate branch.

More details are added to the design doc attached.
 [^External root CA support  - Design Doc v1.pdf] 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org