You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ratis.apache.org by "Tsz-wo Sze (Jira)" <ji...@apache.org> on 2022/11/18 20:10:00 UTC

[jira] [Resolved] (RATIS-1747) Support keyManager and trustManager in tlsConfig

     [ https://issues.apache.org/jira/browse/RATIS-1747?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Tsz-wo Sze resolved RATIS-1747.
-------------------------------
    Fix Version/s: 3.0.0
       Resolution: Fixed

The pull request is now merged.  Thanks, [~Sammi]!

> Support keyManager and trustManager in tlsConfig
> ------------------------------------------------
>
>                 Key: RATIS-1747
>                 URL: https://issues.apache.org/jira/browse/RATIS-1747
>             Project: Ratis
>          Issue Type: Task
>          Components: security
>            Reporter: Sammi Chen
>            Assignee: Sammi Chen
>            Priority: Major
>             Fix For: 3.0.0
>
>         Attachments: 785_review.patch
>
>          Time Spent: 1.5h
>  Remaining Estimate: 0h
>
> Ratis use the security materials passed by Ozone to establish tls connection. Currently, there are two ways to configure tls. For cert, one is cert file based, another is  cert objects. For privateKey, one is private key file, another is  private key object.
>  
> This task aims to support the third way to configure tls. That is, pass in a KeyManager and trustManager object for key and cert.  The motivation of this is we want to support certificate dynamic reloading in Ozone when certificate is going to expire and a new certificate is generated to replace the old one.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)