You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ozone.apache.org by "Bharat Viswanadham (Jira)" <ji...@apache.org> on 2021/03/31 16:25:00 UTC

[jira] [Updated] (HDDS-5055) Fix TLSClientConfig in DN/Client

     [ https://issues.apache.org/jira/browse/HDDS-5055?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Bharat Viswanadham updated HDDS-5055:
-------------------------------------
    Description: 
TLSClientConfig in DN should use DN privateKey, DN Cert, CALIst, and MTLS to true.

Today it uses below as TLSClientConfig

{code:java}
      tlsConfig = new GrpcTlsConfig(null, null,
          caCerts, false);
{code}

This is used in RaftClient for making add Group call in CreatePipelineCommandHandler.


And in createTLSParameters for client config set mTLS to true which is used by DN.
{code:java}
      GrpcTlsConfig clientConfig = new GrpcTlsConfig(
          caClient.getPrivateKey(), caClient.getCertificate(),
          caList, false);
      GrpcConfigKeys.Client.setTlsConf(parameters, clientConfig);
{code}


  was:
TLSClientConfig in DN should use DN privateKey, DN Cert, CALIst, and MTLS to true.

Today it uses below as TLSClientConfig

{code:java}
      tlsConfig = new GrpcTlsConfig(null, null,
          caCerts, false);
{code}

This is used in RaftClient for making add Group call in CreatePipelineCommandHandler.

{code:java}
      GrpcTlsConfig clientConfig = new GrpcTlsConfig(
          caClient.getPrivateKey(), caClient.getCertificate(),
          caList, false);
{code}
And in createTLSParameters for client config set mTLS to true which is used by DN.



> Fix TLSClientConfig in DN/Client
> --------------------------------
>
>                 Key: HDDS-5055
>                 URL: https://issues.apache.org/jira/browse/HDDS-5055
>             Project: Apache Ozone
>          Issue Type: Bug
>            Reporter: Bharat Viswanadham
>            Assignee: Bharat Viswanadham
>            Priority: Major
>
> TLSClientConfig in DN should use DN privateKey, DN Cert, CALIst, and MTLS to true.
> Today it uses below as TLSClientConfig
> {code:java}
>       tlsConfig = new GrpcTlsConfig(null, null,
>           caCerts, false);
> {code}
> This is used in RaftClient for making add Group call in CreatePipelineCommandHandler.
> And in createTLSParameters for client config set mTLS to true which is used by DN.
> {code:java}
>       GrpcTlsConfig clientConfig = new GrpcTlsConfig(
>           caClient.getPrivateKey(), caClient.getCertificate(),
>           caList, false);
>       GrpcConfigKeys.Client.setTlsConf(parameters, clientConfig);
> {code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org