Uploaded image for project: 'Kudu'
  1. Kudu
  2. KUDU-1965

Allow user provided TLS certificates to work with KRPC

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.3.0
    • Fix Version/s: 1.4.0
    • Component/s: rpc, security
    • Labels:

      Description

      Kudu generates certificates when TLS is enabled and if the user does not provide them. These certificates have Kudu specific encodings which are checked for in the RPC negotiation phase.

      If the certificates are user provided, it's highly likely that they will not contain these encodings, thus causing the certificate negotiation phase to fail.

      We can check for and verify these encodings if the certificates are provided by Kudu, else we can skip that step in the negotiation phase if the certificates are user provided.

        Attachments

          Activity

            People

            • Assignee:
              sailesh Sailesh Mukil
              Reporter:
              sailesh Sailesh Mukil
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: