You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ozone.apache.org by "István Fajth (Jira)" <ji...@apache.org> on 2022/10/21 23:35:00 UTC

[jira] [Created] (HDDS-7378) Ensure certificate hierarchy is set up properly

István Fajth created HDDS-7378:
----------------------------------

             Summary: Ensure certificate hierarchy is set up properly
                 Key: HDDS-7378
                 URL: https://issues.apache.org/jira/browse/HDDS-7378
             Project: Apache Ozone
          Issue Type: Sub-task
            Reporter: István Fajth


During initialization, and later on we need to maintain a proper hierarchy for the certificates as described in the proposal document.
Every certificate has to have the following trust chain:
rootCA cert-> n number of subordinate CA certs -> service certificate.
Where any subordinate CA cert the following is true:
1 < i <= n -> sCA[i-1] is the signed of sCA[i] and
sCA[1] is signed by the rootCA

This hierarchy has to be kept internally so that we can use it to provide certificate bundles that contains the whole trust chain from the signing CA instead of just the signed certificate.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org