You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ozone.apache.org by "Sammi Chen (Jira)" <ji...@apache.org> on 2023/01/05 04:03:00 UTC
[jira] [Created] (HDDS-7723) Refresh Keys and Certificate used in OzoneSecretManager after certificate renewed
Sammi Chen created HDDS-7723:
--------------------------------
Summary: Refresh Keys and Certificate used in OzoneSecretManager after certificate renewed
Key: HDDS-7723
URL: https://issues.apache.org/jira/browse/HDDS-7723
Project: Apache Ozone
Issue Type: Sub-task
Reporter: Sammi Chen
Assignee: Sammi Chen
There are three child class of OzoneSecretManager. The current behavior is,
# OzoneDelegationTokenSecretManager , use OM's private key to calculate the delegation token signature, OM's certificate to verify the delegation token on token renew request on OM.
# OzoneBlockTokenSecretManager, use OM's private key to calculate the block token signature, OM's certificate to verify the block token on DN.
# ContainerTokenSecretManager, use SCM's private key to calculate the container token signature, SCM's certificate to verify the container token on DN.
OzoneBlockTokenSecretManager and ContainerTokenSecretManager are also leveraged in EC Reconstruction coordinator on DN. This time, DN's private key and certificates are used to do the signature calculation and verification.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org