HDDS-588. SelfSignedCertificate#generateCertificate should sign the certificate the configured security provider. Contributed by Xiaoyu Yao.

2018-10-09 00:28:01 -07:00 · 2018-10-09 00:28:01 -07:00 · 8d7c5f4ee7
commit 8d7c5f4ee7
parent 0aab74026e
1 changed files with 2 additions and 2 deletions
--- a/hadoop-hdds/common/src/main/java/org/apache/hadoop/hdds/security/x509/certificates/SelfSignedCertificate.java
+++ b/hadoop-hdds/common/src/main/java/org/apache/hadoop/hdds/security/x509/certificates/SelfSignedCertificate.java
@ -103,8 +103,8 @@ private X509CertificateHolder generateCertificate()


    ContentSigner contentSigner =
-        new JcaContentSignerBuilder(
-            config.getSignatureAlgo()).build(key.getPrivate());
+        new JcaContentSignerBuilder(config.getSignatureAlgo())
+            .setProvider(config.getProvider()).build(key.getPrivate());

    // Please note: Since this is a root certificate we use "ONE" as the
    // serial number. Also note that skip enforcing locale or UTC. We are