You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ambari.apache.org by Di Li <os...@gmail.com> on 2017/04/20 20:52:27 UTC

Ambari Agent ignores Ambari server ssl cert by default ?

Hello folks

I am trying to understand how Ambari agent handles the self-sign ssl cert
generated by the Ambari server during default installation.

Ambari agent security.py has this code here that sets
"cert_reqs=ssl.CERT_NONE"
>>> self.sock = ssl.wrap_socket(sock, cert_reqs=ssl.CERT_NONE)

Doesn't this mean Ambari Agent ignores Ambari server ssl cert unless
customers manually setup two-way ssl authentication ?  How does Ambari
Agent use the self-sign cert ( it looks like to me that it doesn';t use it
at all) ?



Thank you.

Di Li