You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ozone.apache.org by GitBox <gi...@apache.org> on 2022/10/19 07:22:20 UTC
[GitHub] [ozone] JacksonYao287 opened a new pull request, #3859: HDDS-7355. non-primordial scm fail to get signed cert from primordial SCM when converting an unsecure cluster to secure
JacksonYao287 opened a new pull request, #3859:
URL: https://github.com/apache/ozone/pull/3859
## What changes were proposed in this pull request?
when converting a unsecure cluster to a secure one, we need to reinit the primordial SCM to generate the root ca and a sub ca to itself. then , we need to bootstrap the other two scm to get a signed cert and sub ca from primordial SCM.
current code has a bug in `initializeSecurityIfNeeded` which will lead the bootstrapped scm to get a self signed cert from itself, not the root signed cert from primordial SCM.
## What is the link to the Apache JIRA
https://issues.apache.org/jira/browse/HDDS-7355
## How was this patch tested?
manually test in my inner cluster
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org
[GitHub] [ozone] JacksonYao287 commented on pull request #3859: HDDS-7355. non-primordial scm fail to get signed cert from primordial SCM when converting an unsecure cluster to secure
Posted by GitBox <gi...@apache.org>.
JacksonYao287 commented on PR #3859:
URL: https://github.com/apache/ozone/pull/3859#issuecomment-1285059333
thanks @kaijchen for the review and merging!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org
[GitHub] [ozone] kaijchen commented on pull request #3859: HDDS-7355. non-primordial scm fail to get signed cert from primordial SCM when converting an unsecure cluster to secure
Posted by GitBox <gi...@apache.org>.
kaijchen commented on PR #3859:
URL: https://github.com/apache/ozone/pull/3859#issuecomment-1285012461
Thanks @JacksonYao287 for the work.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org
[GitHub] [ozone] kaijchen merged pull request #3859: HDDS-7355. non-primordial scm fail to get signed cert from primordial SCM when converting an unsecure cluster to secure
Posted by GitBox <gi...@apache.org>.
kaijchen merged PR #3859:
URL: https://github.com/apache/ozone/pull/3859
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org