You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@kudu.apache.org by "Sailesh Mukil (JIRA)" <ji...@apache.org> on 2017/04/05 06:42:41 UTC

[jira] [Created] (KUDU-1965) Allow user provided TLS certificates to work with KRPC

Sailesh Mukil created KUDU-1965:
-----------------------------------

             Summary: Allow user provided TLS certificates to work with KRPC
                 Key: KUDU-1965
                 URL: https://issues.apache.org/jira/browse/KUDU-1965
             Project: Kudu
          Issue Type: Bug
          Components: rpc, security
    Affects Versions: 1.3.0
            Reporter: Sailesh Mukil
            Assignee: Sailesh Mukil


Kudu generates certificates when TLS is enabled and if the user does not provide them. These certificates have Kudu specific encodings which are checked for in the RPC negotiation phase.

If the certificates are user provided, it's highly likely that they will not contain these encodings, thus causing the certificate negotiation phase to fail.

We can check for and verify these encodings if the certificates are provided by Kudu, else we can skip that step in the negotiation phase if the certificates are user provided.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)