Uploaded image for project: 'Apache Ozone'
  1. Apache Ozone
  2. HDDS-7391 Phase I - Automated live rotation of CA certificates in a cluster with established trust
  3. HDDS-8598

Add cleanup logic to remove old CA related material

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • None
    • Security

    Description

      After the root CA certificate related changes are integrated to client side (OM, Datanode, Recon) the old material to root CA and sub CAs signed by that root CA can be removed. This should only be done after the old root CA certificate has expired just to make sure nothing goes wrong.

      Attachments

        Activity

          People

            Unassigned Unassigned
            sgal Szabolcs Gál
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: