diff --git a/ingestion/src/airflow_provider_openmetadata/hooks/openmetadata.py b/ingestion/src/airflow_provider_openmetadata/hooks/openmetadata.py index ceccf8558bf0..5d103b4e80fc 100644 --- a/ingestion/src/airflow_provider_openmetadata/hooks/openmetadata.py +++ b/ingestion/src/airflow_provider_openmetadata/hooks/openmetadata.py @@ -66,7 +66,7 @@ def get_conn(self) -> OpenMetadataConnection: extra = conn.extra_dejson if conn.get_extra() else {} verify_ssl = extra.get("verifySSL") or self.default_verify_ssl ssl_config = ( - ValidateSslClientConfig(certificatePath=extra["sslConfig"]) + ValidateSslClientConfig(caCertificate=extra["sslConfig"]) if extra.get("sslConfig") else self.default_ssl_config ) diff --git a/ingestion/src/metadata/utils/ssl_registry.py b/ingestion/src/metadata/utils/ssl_registry.py index bf4b24e11fd8..a7fe0b859075 100644 --- a/ingestion/src/metadata/utils/ssl_registry.py +++ b/ingestion/src/metadata/utils/ssl_registry.py @@ -39,7 +39,7 @@ def ignore_ssl_init(_: Optional[SslConfig]) -> bool: @ssl_verification_registry.add(VerifySSL.validate.value) def validate_ssl_init(ssl_config: Optional[SslConfig]) -> str: - return ssl_config.__root__.certificatePath + return ssl_config.__root__.caCertificate.get_secret_value() def get_verify_ssl_fn(verify_ssl: VerifySSL) -> Callable: diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/OpenMetadataApplicationConfig.java b/openmetadata-service/src/main/java/org/openmetadata/service/OpenMetadataApplicationConfig.java index 47deae5398f9..fe11af40df4a 100644 --- a/openmetadata-service/src/main/java/org/openmetadata/service/OpenMetadataApplicationConfig.java +++ b/openmetadata-service/src/main/java/org/openmetadata/service/OpenMetadataApplicationConfig.java @@ -18,6 +18,7 @@ import io.dropwizard.db.DataSourceFactory; import io.dropwizard.health.conf.HealthConfiguration; import io.federecio.dropwizard.swagger.SwaggerBundleConfiguration; +import java.util.LinkedHashMap; import javax.validation.Valid; import javax.validation.constraints.NotNull; import lombok.Getter; @@ -66,6 +67,20 @@ public class OpenMetadataApplicationConfig extends Configuration { @JsonProperty("pipelineServiceClientConfiguration") private PipelineServiceClientConfiguration pipelineServiceClientConfiguration; + private static final String CERTIFICATE_PATH = "certificatePath"; + + public PipelineServiceClientConfiguration getPipelineServiceClientConfiguration() { + + LinkedHashMap temporarySSLConfig = + (LinkedHashMap) pipelineServiceClientConfiguration.getSslConfig(); + if (temporarySSLConfig != null && temporarySSLConfig.containsKey(CERTIFICATE_PATH)) { + temporarySSLConfig.put("caCertificate", temporarySSLConfig.get(CERTIFICATE_PATH)); + temporarySSLConfig.remove(CERTIFICATE_PATH); + } + pipelineServiceClientConfiguration.setSslConfig(temporarySSLConfig); + return pipelineServiceClientConfiguration; + } + @JsonProperty("migrationConfiguration") @NotNull private MigrationConfiguration migrationConfiguration; diff --git a/openmetadata-ui/src/main/resources/ui/src/utils/ConnectionSchemas/SupersetConnection.json b/openmetadata-ui/src/main/resources/ui/src/utils/ConnectionSchemas/SupersetConnection.json index c3985be7d1bc..61092fc7d76f 100644 --- a/openmetadata-ui/src/main/resources/ui/src/utils/ConnectionSchemas/SupersetConnection.json +++ b/openmetadata-ui/src/main/resources/ui/src/utils/ConnectionSchemas/SupersetConnection.json @@ -84,7 +84,7 @@ "type": "object", "javaType": "org.openmetadata.schema.security.ssl.ValidateSSLClientConfig", "properties": { - "certificatePath": { + "caCertificate": { "title": "Certificate Path", "description": "CA certificate path. E.g., /path/to/public.cert. Will be used if Verify SSL is set to `validate`.", "type": "string" @@ -264,7 +264,7 @@ "type": "object", "javaType": "org.openmetadata.schema.security.ssl.ValidateSSLClientConfig", "properties": { - "certificatePath": { + "caCertificate": { "description": "CA certificate path. E.g., /path/to/public.cert. Will be used if Verify SSL is set to `validate`.", "type": "string" }