You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ozone.apache.org by "Sammi Chen (Jira)" <ji...@apache.org> on 2023/01/05 09:04:00 UTC

[jira] [Resolved] (HDDS-7339) Implement Certificate renewal task for services

     [ https://issues.apache.org/jira/browse/HDDS-7339?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sammi Chen resolved HDDS-7339.
------------------------------
    Resolution: Fixed

> Implement Certificate renewal task for services
> -----------------------------------------------
>
>                 Key: HDDS-7339
>                 URL: https://issues.apache.org/jira/browse/HDDS-7339
>             Project: Apache Ozone
>          Issue Type: Improvement
>          Components: Security
>            Reporter: István Fajth
>            Assignee: Sammi Chen
>            Priority: Major
>              Labels: pki, pull-request-available
>
> The certificate renewal task is responsible for renewing the certificate of a service before the certificate expires.
> The renewal process has to create a new keypair, submit a CSR for the acting CA, store the certificate material and the certificate in the metadata folder, update the VERSION file and notify the system about the new certificate, then cleanup the old certificate material, and finally it has to spin up a new task for the next renewal.
> It also has to take care of rollback in case there are any issues during the process.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org