You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Dmitry Lysnichenko (JIRA)" <ji...@apache.org> on 2018/09/18 12:14:00 UTC
[jira] [Resolved] (AMBARI-24625) Ambari self signed certificate
generated with 1024 bits length, need to make this 2048
[ https://issues.apache.org/jira/browse/AMBARI-24625?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dmitry Lysnichenko resolved AMBARI-24625.
-----------------------------------------
Resolution: Fixed
Fixed
> Ambari self signed certificate generated with 1024 bits length, need to make this 2048
> --------------------------------------------------------------------------------------
>
> Key: AMBARI-24625
> URL: https://issues.apache.org/jira/browse/AMBARI-24625
> Project: Ambari
> Issue Type: Improvement
> Components: ambari-server
> Reporter: Dmitry Lysnichenko
> Assignee: Dmitry Lysnichenko
> Priority: Major
> Labels: pull-request-available
> Time Spent: 1h
> Remaining Estimate: 0h
>
> Currently Ambari server/agent are using self signed certificate and The certificate is generated with 1024 bits length. Generally the policy requirement is to have key length > 1048
> We have this hard code in out code
> {code}
> GEN_AGENT_KEY="openssl req -new -newkey rsa:1024 -nodes -keyout %(keysdir)s/%(hostname)s.key\
> -subj /OU=%(hostname)s/\
> -out %(keysdir)s/%(hostname)s.csr"
> {code}
> ref : https://github.com/hortonworks/ambari/blob/master/ambari-agent/src/main/python/ambari_agent/security.py
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)