You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ambari.apache.org by "Dmitry Lysnichenko (JIRA)" <ji...@apache.org> on 2018/09/18 12:14:00 UTC

[jira] [Resolved] (AMBARI-24625) Ambari self signed certificate generated with 1024 bits length, need to make this 2048

     [ https://issues.apache.org/jira/browse/AMBARI-24625?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dmitry Lysnichenko resolved AMBARI-24625.
-----------------------------------------
    Resolution: Fixed

Fixed

> Ambari self signed certificate generated with 1024 bits length, need to make this 2048
> --------------------------------------------------------------------------------------
>
>                 Key: AMBARI-24625
>                 URL: https://issues.apache.org/jira/browse/AMBARI-24625
>             Project: Ambari
>          Issue Type: Improvement
>          Components: ambari-server
>            Reporter: Dmitry Lysnichenko
>            Assignee: Dmitry Lysnichenko
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 1h
>  Remaining Estimate: 0h
>
> Currently Ambari server/agent  are using self signed certificate and The certificate is generated with 1024 bits length. Generally the policy requirement is to have key length > 1048
> We have this hard code in out code
> {code}
> GEN_AGENT_KEY="openssl req -new -newkey rsa:1024 -nodes -keyout %(keysdir)s/%(hostname)s.key\
> -subj /OU=%(hostname)s/\
> -out %(keysdir)s/%(hostname)s.csr"
> {code}
> ref : https://github.com/hortonworks/ambari/blob/master/ambari-agent/src/main/python/ambari_agent/security.py



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)