You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Hudson (JIRA)" <ji...@apache.org> on 2015/06/03 15:28:37 UTC

[jira] [Commented] (AMBARI-11645) Unable to communicate to Namenode after wire encryption

    [ https://issues.apache.org/jira/browse/AMBARI-11645?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14570804#comment-14570804 ] 

Hudson commented on AMBARI-11645:
---------------------------------

SUCCESS: Integrated in Ambari-trunk-Commit #2796 (See [https://builds.apache.org/job/Ambari-trunk-Commit/2796/])
AMBARI-11645. Unable to communicate to Namenode after wire encryption (aonishuk) (aonishuk: http://git-wip-us.apache.org/repos/asf?p=ambari.git&a=commit&h=4ca2ba7a333f82ab289f1089a57c62789477c606)
* ambari-common/src/main/python/resource_management/libraries/providers/hdfs_resource.py


> Unable to communicate to Namenode after wire encryption
> -------------------------------------------------------
>
>                 Key: AMBARI-11645
>                 URL: https://issues.apache.org/jira/browse/AMBARI-11645
>             Project: Ambari
>          Issue Type: Bug
>            Reporter: Andrew Onischuk
>            Assignee: Andrew Onischuk
>             Fix For: 2.1.0
>
>
> On a cluster with HDFS,Mapred, Yarn,Tez, Zookeeper and Ambari metrics enabled
> security and then followed <http://docs.hortonworks.com/HDPDocuments/HDP2/HDP-
> 2.1.5/bk_Security_Guide/content/ch_wire-https.html> to perform wire
> encryption.
> After above steps are completed, we see the below error in name node logs
> whenever any request is processed.
>     
>     
>     
>     2015-06-02 21:57:21,255 WARN  mortbay.log (Slf4jLog.java:warn(89)) - EXCEPTION 
>     javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
>     	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
>     	at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
>     	at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
>     	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
>     	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
>     	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
>     	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
>     	at org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:723)
>     	at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
>     
> Using the key tool we verified in all the nodes whether the certificate is
> valid and it doesn't show up any errors there. Please help take a look to
> resolve this issue.  
> Output from the validation check is attached.  
> here is a cluster to take a look:



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)