You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ozone.apache.org by "István Fajth (Jira)" <ji...@apache.org> on 2022/10/24 15:20:00 UTC

[jira] [Updated] (HDDS-7377) Implement certificate hotswap at renewal

     [ https://issues.apache.org/jira/browse/HDDS-7377?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

István Fajth updated HDDS-7377:
-------------------------------
        Parent:     (was: HDDS-7332)
    Issue Type: Improvement  (was: Sub-task)

> Implement certificate hotswap at renewal
> ----------------------------------------
>
>                 Key: HDDS-7377
>                 URL: https://issues.apache.org/jira/browse/HDDS-7377
>             Project: Apache Ozone
>          Issue Type: Improvement
>            Reporter: István Fajth
>            Assignee: István Fajth
>            Priority: Major
>
> Once a certificate is renewed by a service, Ozone services should start to use it for new connections right away, while the already established connections also has to refresh their context so that if for whatever reason it is necessary to use the certificate and the keypair again, the established connections use the new certificate material after the point when the new certificate is signed and valid.
> As a basic idea, we can either use this solution, or a similar one that fits our internal needs:
> https://github.com/Hakky54/java-tutorials/tree/main/grpc-client-server-with-ssl/instant-server-ssl-reloading-with-grpc



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org