Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
Description
when converting a unsecure cluster to a secure one, we need to reinit the primordial SCM to generate the root ca and a sub ca to itself. then , we need to bootstrap the other two scm to get a signed cert and sub ca from primordial SCM.
current code has a bug in initializeSecurityIfNeeded which will lead the bootstrapped scm to get a self signed cert from itself, not the root signed cert from primordial SCM.
Attachments
Issue Links
- links to