apache · ChenSammi · Mar 23, 2023 · Mar 20, 2023 · Mar 21, 2023 · neils-dev
diff --git a/hadoop-hdds/tools/src/main/java/org/apache/hadoop/hdds/scm/cli/cert/ListSubcommand.java b/hadoop-hdds/tools/src/main/java/org/apache/hadoop/hdds/scm/cli/cert/ListSubcommand.java
@@ -65,7 +65,7 @@ public class ListSubcommand extends ScmCertSubcommand {
       description = "Filter certificate by the type: valid or revoked",
       defaultValue = "valid", showDefaultValue = Visibility.ALWAYS)
   private String type;
-  private static final String OUTPUT_FORMAT = "%-17s %-30s %-30s %-110s";
+  private static final String OUTPUT_FORMAT = "%-17s %-30s %-30s %-110s %-110s";
 
   private HddsProtos.NodeType parseCertRole(String r) {
     if (r.equalsIgnoreCase("om")) {
@@ -79,17 +79,20 @@ private HddsProtos.NodeType parseCertRole(String r) {
 
   private void printCert(X509Certificate cert) {
     LOG.info(String.format(OUTPUT_FORMAT, cert.getSerialNumber(),
-        cert.getNotBefore(), cert.getNotAfter(), cert.getSubjectDN()));
+        cert.getNotBefore(), cert.getNotAfter(), cert.getSubjectDN(),
+        cert.getIssuerDN()));
   }
 
   @Override
   protected void execute(SCMSecurityProtocol client) throws IOException {
     boolean isRevoked = type.equalsIgnoreCase("revoked");
-    List<String> certPemList = client.listCertificate(
-        parseCertRole(role), startSerialId, count, isRevoked);
-    LOG.info("Total {} {} certificates: ", certPemList.size(), type);
+    HddsProtos.NodeType nodeType = parseCertRole(role);
+    List<String> certPemList = client.listCertificate(nodeType,
+        startSerialId, count, isRevoked);
+    LOG.info("Certificate list:(Type={}, BatchSize={}, CertCount={})",
+        type.toUpperCase(), count, certPemList.size());
     LOG.info(String.format(OUTPUT_FORMAT, "SerialNumber", "Valid From",
-        "Expiry", "Subject"));
+        "Expiry", "Subject", "Issuer"));
     for (String certPemStr : certPemList) {
       try {
         X509Certificate cert = CertificateCodec.getX509Certificate(certPemStr);

diff --git a/hadoop-ozone/dist/src/main/smoketest/security/admin-cert.robot b/hadoop-ozone/dist/src/main/smoketest/security/admin-cert.robot
@@ -32,11 +32,11 @@ Setup Test
 *** Test Cases ***
 List valid certificates
     ${output} =      Execute    ozone admin cert list
-                     Should Contain    ${output}    valid certificates
+                     Should Contain    ${output}    Type=VALID
 
 List revoked certificates
     ${output} =      Execute    ozone admin cert list -t revoked
-                     Should Contain    ${output}    Total 0 revoked certificates
+                     Should Contain    ${output}    Certificate list:(Type=REVOKED, BatchSize=20, CertCount=0)
 
 Info of the cert
     ${output} =      Execute   for id in $(ozone admin cert list -c 1|grep UTC|awk '{print $1}'); do ozone admin cert info $id; done