Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Abandoned
-
None
-
None
-
None
-
None
Description
Currently, in Ozone, communication between Ozone Manager, SCM and Data Nodes takes place over TLS protocol, which is, through issued security artifacts i.e. X509 certificates. These certificates reside at SCM storage. The “known and trusted” data nodes are provisioned with corresponding certificates and for smooth communication in the system, these certificates are also stored on client certificate cache.
Problem is, once these certificates are invalidated on SCM, whether its Admin or Expired Certs or Cert Rotation Process (future), these certs are not removed or invalidated on Data Node’s Local Cache. This means that tokens issues by Ozone Manager (OM), can still be used to access blocks from Data Nodes since the client certificate case still holds the invalidated certificate.