diff --git a/hadoop-hdds/tools/src/main/java/org/apache/hadoop/hdds/scm/cli/cert/ListSubcommand.java b/hadoop-hdds/tools/src/main/java/org/apache/hadoop/hdds/scm/cli/cert/ListSubcommand.java index 0ac5f9f6ba05..3d63d007f613 100644 --- a/hadoop-hdds/tools/src/main/java/org/apache/hadoop/hdds/scm/cli/cert/ListSubcommand.java +++ b/hadoop-hdds/tools/src/main/java/org/apache/hadoop/hdds/scm/cli/cert/ListSubcommand.java @@ -65,7 +65,7 @@ public class ListSubcommand extends ScmCertSubcommand { description = "Filter certificate by the type: valid or revoked", defaultValue = "valid", showDefaultValue = Visibility.ALWAYS) private String type; - private static final String OUTPUT_FORMAT = "%-17s %-30s %-30s %-110s"; + private static final String OUTPUT_FORMAT = "%-17s %-30s %-30s %-110s %-110s"; private HddsProtos.NodeType parseCertRole(String r) { if (r.equalsIgnoreCase("om")) { @@ -79,17 +79,20 @@ private HddsProtos.NodeType parseCertRole(String r) { private void printCert(X509Certificate cert) { LOG.info(String.format(OUTPUT_FORMAT, cert.getSerialNumber(), - cert.getNotBefore(), cert.getNotAfter(), cert.getSubjectDN())); + cert.getNotBefore(), cert.getNotAfter(), cert.getSubjectDN(), + cert.getIssuerDN())); } @Override protected void execute(SCMSecurityProtocol client) throws IOException { boolean isRevoked = type.equalsIgnoreCase("revoked"); - List certPemList = client.listCertificate( - parseCertRole(role), startSerialId, count, isRevoked); - LOG.info("Total {} {} certificates: ", certPemList.size(), type); + HddsProtos.NodeType nodeType = parseCertRole(role); + List certPemList = client.listCertificate(nodeType, + startSerialId, count, isRevoked); + LOG.info("Certificate list:(Type={}, BatchSize={}, CertCount={})", + type.toUpperCase(), count, certPemList.size()); LOG.info(String.format(OUTPUT_FORMAT, "SerialNumber", "Valid From", - "Expiry", "Subject")); + "Expiry", "Subject", "Issuer")); for (String certPemStr : certPemList) { try { X509Certificate cert = CertificateCodec.getX509Certificate(certPemStr); diff --git a/hadoop-ozone/dist/src/main/smoketest/security/admin-cert.robot b/hadoop-ozone/dist/src/main/smoketest/security/admin-cert.robot index 1a214c924dfc..524345dd3e7e 100644 --- a/hadoop-ozone/dist/src/main/smoketest/security/admin-cert.robot +++ b/hadoop-ozone/dist/src/main/smoketest/security/admin-cert.robot @@ -32,11 +32,11 @@ Setup Test *** Test Cases *** List valid certificates ${output} = Execute ozone admin cert list - Should Contain ${output} valid certificates + Should Contain ${output} Type=VALID List revoked certificates ${output} = Execute ozone admin cert list -t revoked - Should Contain ${output} Total 0 revoked certificates + Should Contain ${output} Certificate list:(Type=REVOKED, BatchSize=20, CertCount=0) Info of the cert ${output} = Execute for id in $(ozone admin cert list -c 1|grep UTC|awk '{print $1}'); do ozone admin cert info $id; done