You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ranger.apache.org by Don Bosco Durai <bo...@apache.org> on 2015/05/21 21:26:50 UTC
Re: Handshake error configuring Knox repository geteway URL in
Ranger admin
Prabu
Can you check this JIRA and let us know if it work?
https://issues.apache.org/jira/browse/RANGER-355
Thanks
Bosco
On 5/21/15, 4:57 AM, "Prabu Soundar Rajan -X (prabsoun - MINDTREE LIMITED
at Cisco)" <pr...@cisco.com> wrote:
>Hi Team,
>
>We are experiencing the below issue in enabling the knox repository in
>Ranger admin. Please advise us on how to resolve it.
>
>Connection Failed.
>Exception on REST call to KnoxUrl :
>https://<hostname>:8888/gateway/admin/api/v1/topologies<https://%3chostnam
>e%3e:8888/gateway/admin/api/v1/topologies>. You can still save the
>repository and start creating policies, but you would not be able to use
>autocomplete for resource names. Check xa_portal.log for more info.
>
>javax.net.ssl.SSLHandshakeException:
>java.security.cert.CertificateException: No subject alternative names
>present.
>java.security.cert.CertificateException: No subject alternative names
>present.
>No subject alternative names present.
>
>Full Trace:
>
>ERROR com.xasecure.biz.AssetMgr (AssetMgr.java:1682) - Unable to connect
>repository with given config for cisco_knoxdev
>com.xasecure.hadoop.client.exceptions.HadoopException: Exception on REST
>call to KnoxUrl : https://hostname:8888/gateway/admin/api/v1/topologies.
> at
>com.xasecure.knox.client.KnoxClient.getTopologyList(KnoxClient.java:138)
> at com.xasecure.knox.client.KnoxClient$2.call(KnoxClient.java:360)
> at com.xasecure.knox.client.KnoxClient$2.call(KnoxClient.java:357)
> at
>com.xasecure.knox.client.KnoxClient.timedTask(KnoxClient.java:384)
> at
>com.xasecure.knox.client.KnoxClient.getKnoxResources(KnoxClient.java:365)
> at
>com.xasecure.knox.client.KnoxClient.testConnection(KnoxClient.java:278)
> at com.xasecure.biz.AssetMgr.testConfig(AssetMgr.java:1657)
> at com.xasecure.rest.AssetREST.testConfig(AssetREST.java:163)
> at
>com.xasecure.rest.AssetREST$$FastClassByCGLIB$$90363ab.invoke(<generated>)
> at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191)
> at
>org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.inv
>okeJoinpoint(Cglib2AopProxy.java:689)
> at
>org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(Refle
>ctiveMethodInvocation.java:150)
> at
>org.springframework.transaction.interceptor.TransactionInterceptor.invoke(
>TransactionInterceptor.java:110)
> at
>org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(Refle
>ctiveMethodInvocation.java:172)
> at
>org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor
>.intercept(Cglib2AopProxy.java:622)
> at
>com.xasecure.rest.AssetREST$$EnhancerByCGLIB$$d1881638.testConfig(<generat
>ed>)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
>sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
>57)
> at
>sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorIm
>pl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
>com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDis
>patchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvi
>der.java:168)
> at
>com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatc
>her.dispatch(ResourceJavaMethodDispatcher.java:70)
> at
>com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.
>java:279)
> at
>com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPat
>hRule.java:136)
> at
>com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClas
>sRule.java:86)
> at
>com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPat
>hRule.java:136)
> at
>com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootRe
>sourceClassesRule.java:74)
> at
>com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(W
>ebApplicationImpl.java:1357)
> at
>com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(W
>ebApplicationImpl.java:1289)
> at
>com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(We
>bApplicationImpl.java:1239)
> at
>com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(We
>bApplicationImpl.java:1229)
> at
>com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.jav
>a:420)
> at
>com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletConta
>iner.java:497)
> at
>com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletConta
>iner.java:684)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
> at
>org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicati
>onFilterChain.java:303)
> at
>org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilter
>Chain.java:208)
> at
>org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
> at
>org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicati
>onFilterChain.java:241)
> at
>org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilter
>Chain.java:208)
> at
>org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil
>ter(FilterChainProxy.java:330)
> at
>com.xasecure.security.web.filter.XASecurityContextFormationFilter.doFilter
>(XASecurityContextFormationFilter.java:134)
> at
>org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil
>ter(FilterChainProxy.java:342)
> at
>org.springframework.security.web.access.intercept.FilterSecurityIntercepto
>r.invoke(FilterSecurityInterceptor.java:118)
> at
>org.springframework.security.web.access.intercept.FilterSecurityIntercepto
>r.doFilter(FilterSecurityInterceptor.java:84)
> at
>org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil
>ter(FilterChainProxy.java:342)
> at
>org.springframework.security.web.access.ExceptionTranslationFilter.doFilte
>r(ExceptionTranslationFilter.java:113)
> at
>org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil
>ter(FilterChainProxy.java:342)
> at
>org.springframework.security.web.session.SessionManagementFilter.doFilter(
>SessionManagementFilter.java:103)
> at
>org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil
>ter(FilterChainProxy.java:342)
> at
>org.springframework.security.web.authentication.AnonymousAuthenticationFil
>ter.doFilter(AnonymousAuthenticationFilter.java:113)
> at
>org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil
>ter(FilterChainProxy.java:342)
> at
>org.springframework.security.web.servletapi.SecurityContextHolderAwareRequ
>estFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
> at
>org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil
>ter(FilterChainProxy.java:342)
> at
>org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFi
>lter(RequestCacheAwareFilter.java:45)
> at
>org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil
>ter(FilterChainProxy.java:342)
> at
>org.springframework.security.web.authentication.www.BasicAuthenticationFil
>ter.doFilter(BasicAuthenticationFilter.java:150)
> at
>org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil
>ter(FilterChainProxy.java:342)
> at
>org.springframework.security.web.authentication.AbstractAuthenticationProc
>essingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:183)
> at
>org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil
>ter(FilterChainProxy.java:342)
> at
>org.springframework.security.web.authentication.logout.LogoutFilter.doFilt
>er(LogoutFilter.java:105)
> at
>org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil
>ter(FilterChainProxy.java:342)
> at
>org.springframework.security.web.context.SecurityContextPersistenceFilter.
>doFilter(SecurityContextPersistenceFilter.java:87)
> at
>org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil
>ter(FilterChainProxy.java:342)
> at
>org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterC
>hainProxy.java:192)
> at
>org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProx
>y.java:160)
> at
>org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(Delega
>tingFilterProxy.java:346)
> at
>org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFi
>lterProxy.java:259)
> at
>org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicati
>onFilterChain.java:241)
> at
>org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilter
>Chain.java:208)
> at
>org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.
>java:220)
> at
>org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.
>java:122)
> at
>org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBa
>se.java:501)
> at
>org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:1
>71)
> at
>org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:1
>03)
> at
>org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
> at
>org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.ja
>va:116)
> at
>org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408
>)
> at
>org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Pro
>cessor.java:1070)
> at
>org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(Abstr
>actProtocol.java:611)
> at
>org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.jav
>a:316)
> at
>java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:
>1145)
> at
>java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java
>:615)
> at
>org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.
>java:61)
> at java.lang.Thread.run(Thread.java:745)
>Caused by: com.sun.jersey.api.client.ClientHandlerException:
>javax.net.ssl.SSLHandshakeException:
>java.security.cert.CertificateException: No subject alternative names
>present
> at
>com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLC
>onnectionClientHandler.java:131)
> at
>com.sun.jersey.api.client.filter.HTTPBasicAuthFilter.handle(HTTPBasicAuthF
>ilter.java:81)
> at com.sun.jersey.api.client.Client.handle(Client.java:616)
> at
>com.sun.jersey.api.client.WebResource.handle(WebResource.java:559)
> at
>com.sun.jersey.api.client.WebResource.access$200(WebResource.java:72)
> at
>com.sun.jersey.api.client.WebResource$Builder.get(WebResource.java:454)
> at
>com.xasecure.knox.client.KnoxClient.getTopologyList(KnoxClient.java:86)
> ... 84 more
>Caused by: javax.net.ssl.SSLHandshakeException:
>java.security.cert.CertificateException: No subject alternative names
>present
> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
> at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904)
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279)
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273)
> at
>sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:
>1446)
> at
>sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209
>)
> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901)
> at sun.security.ssl.Handshaker.process_record(Handshaker.java:837)
> at
>sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)
> at
>sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:
>1332)
> at
>sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
> at
>sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
> at
>sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
> at
>sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Abst
>ractDelegateHttpsURLConnection.java:185)
> at
>sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnecti
>on.java:1301)
> at
>java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468)
> at
>sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURL
>ConnectionImpl.java:338)
> at
>com.sun.jersey.client.urlconnection.URLConnectionClientHandler._invoke(URL
>ConnectionClientHandler.java:218)
> at
>com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLC
>onnectionClientHandler.java:129)
> ... 90 more
>Caused by: java.security.cert.CertificateException: No subject
>alternative names present
> at
>sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:142)
> at
>sun.security.util.HostnameChecker.match(HostnameChecker.java:91)
> at
>sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.j
>ava:347)
> at
>sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.ja
>va:203)
> at
>sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerI
>mpl.java:126)
> at
>sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:
>1428)
> ... 104 more
>
>
>
>Thanks & Regards,
>Prabu
>