[HDDS-5055] Fix TlSClientConfig in DN/Client - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Implemented
Affects Version/s: 1.0.0
Fix Version/s: 1.2.0
Component/s: Ozone Client, Ozone Datanode
Labels:
None

Description

TLSClientConfig in DN should use DN privateKey, DN Cert, CALIst, and MTLS to true.

Today it uses below as TLSClientConfig

      tlsConfig = new GrpcTlsConfig(null, null,
          caCerts, false);

This is used in RaftClient for making add Group call in CreatePipelineCommandHandler.

And in createTLSParameters for client config set mTLS to true which is used by DN.

      GrpcTlsConfig clientConfig = new GrpcTlsConfig(
          caClient.getPrivateKey(), caClient.getCertificate(),
          caList, false);
      GrpcConfigKeys.Client.setTlsConf(parameters, clientConfig);

Attachments

Issue Links

is fixed by

HDDS-5246 Wait for ever to obtain CA list which is needed during OM/DN startup

Resolved

Activity

People

Assignee:: Bharat Viswanadham

Reporter:: Bharat Viswanadham

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 31/Mar/21 16:23

Updated:: 19/May/21 09:51

Resolved:: 19/May/21 09:51