You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Hudson (JIRA)" <ji...@apache.org> on 2018/09/12 15:27:00 UTC
[jira] [Commented] (AMBARI-24625) Ambari self signed certificate
generated with 1024 bits length, need to make this 2048
[ https://issues.apache.org/jira/browse/AMBARI-24625?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16612333#comment-16612333 ]
Hudson commented on AMBARI-24625:
---------------------------------
SUCCESS: Integrated in Jenkins build Ambari-branch-2.7 #240 (See [https://builds.apache.org/job/Ambari-branch-2.7/240/])
AMBARI-24625. Ambari self signed certificate generated with 1024 bits (github: [https://gitbox.apache.org/repos/asf?p=ambari.git&a=commit&h=08f197107e67403ac9056690bd590dbddebd4bd4])
* (edit) ambari-agent/src/main/python/ambari_agent/security.py
> Ambari self signed certificate generated with 1024 bits length, need to make this 2048
> --------------------------------------------------------------------------------------
>
> Key: AMBARI-24625
> URL: https://issues.apache.org/jira/browse/AMBARI-24625
> Project: Ambari
> Issue Type: Improvement
> Components: ambari-server
> Reporter: Dmitry Lysnichenko
> Assignee: Dmitry Lysnichenko
> Priority: Major
> Labels: pull-request-available
> Time Spent: 1h
> Remaining Estimate: 0h
>
> Currently Ambari server/agent are using self signed certificate and The certificate is generated with 1024 bits length. Generally the policy requirement is to have key length > 1048
> We have this hard code in out code
> {code}
> GEN_AGENT_KEY="openssl req -new -newkey rsa:1024 -nodes -keyout %(keysdir)s/%(hostname)s.key\
> -subj /OU=%(hostname)s/\
> -out %(keysdir)s/%(hostname)s.csr"
> {code}
> ref : https://github.com/hortonworks/ambari/blob/master/ambari-agent/src/main/python/ambari_agent/security.py
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)