Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(ingest): Add client_certificate_path for rest client cert instead of ca_certif… #8581

Merged
merged 3 commits into from
Aug 10, 2023
Merged

fix(ingest): Add client_certificate_path for rest client cert instead of ca_certif… #8581

merged 3 commits into from
Aug 10, 2023

Conversation

mkamalas
Copy link
Contributor

@mkamalas mkamalas commented Aug 7, 2023

…icate_path

Prior to v10.0.3, we are passing server side certificate in the ca_certificate_path and this is used for ssl verification. With the PR - #7978, this has been changed to cert (client certificate) and this causes ssl handshake failure.

The proposal in this PR is to use a new parameter for client_certificate_path for client certificate and reset old parameter as verify for server cert verification.

Checklist

  • The PR conforms to DataHub's Contributing Guideline (particularly Commit Message Format)
  • Links to related issues (if applicable)
  • Tests for the changes have been added/updated (if applicable)
  • Docs related to the changes have been added/updated (if applicable). If a new feature has been added a Usage Guide has been added for the same.
  • For any breaking change/potential downtime/deprecation/big changes an entry has been made in Updating DataHub

@github-actions github-actions bot added the ingestion PR or Issue related to the ingestion of metadata label Aug 7, 2023
hsheth2
hsheth2 approved these changes Aug 10, 2023
View reviewed changes
Copy link
Collaborator

@hsheth2 hsheth2 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This change seems reasonable

For my own understanding - session.cert is the client cert, and session.verify can be the server's cert or True/False. Is that right?

@hsheth2 hsheth2 added the merge-pending-ci A PR that has passed review and should be merged once CI is green. label Aug 10, 2023
@mkamalas
Copy link
Contributor Author

This change seems reasonable

For my own understanding - session.cert is the client cert, and session.verify can be the server's cert or True/False. Is that right?

Yes, that is correct.

@anshbansal anshbansal merged commit 93cc10e into datahub-project:master Aug 10, 2023
44 checks passed
@hsheth2 hsheth2 mentioned this pull request Aug 15, 2023
Merged
5 tasks
yoonhyejin pushed a commit that referenced this pull request Aug 24, 2023
@mkamalas @yoonhyejin
fix(ingest): Add client_certificate_path for rest client cert instead…
da41814 
… of ca_certif… (#8581)

Co-authored-by: Kamalaseshan Radha <mkamalas@LAMU02DN212MD6R.uhc.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hsheth2 hsheth2 hsheth2 approved these changes

Assignees
No one assigned
Labels
ingestion PR or Issue related to the ingestion of metadata merge-pending-ci A PR that has passed review and should be merged once CI is green.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@mkamalas @hsheth2 @anshbansal