You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@flink.apache.org by "tonychan (Jira)" <ji...@apache.org> on 2021/04/07 01:28:00 UTC

[jira] [Created] (FLINK-22126) when i set ssl ,the jobmanager got certificate_unknown exception

tonychan created FLINK-22126:
--------------------------------

             Summary: when i set ssl ,the jobmanager got certificate_unknown exception
                 Key: FLINK-22126
                 URL: https://issues.apache.org/jira/browse/FLINK-22126
             Project: Flink
          Issue Type: Bug
            Reporter: tonychan
         Attachments: image-2021-04-07-09-26-16-490.png, image-2021-04-07-09-26-21-958.png

!image-2021-04-07-09-26-21-958.png!

my setup as below:

 

keytool -genkeypair -alias ca -keystore ca.keystore -dname "CN=ART002" -storepass ca_keystore_password -keyalg RSA -keysize 4096 -ext "bc=ca:true" -storetype PKCS12
keytool -exportcert -keystore ca.keystore -alias ca -storepass ca_keystore_password -file ca.cer
keytool -importcert -keystore ca.truststore -alias ca -storepass ca_truststore_password -file ca.cer -noprompt

 

keytool -genkeypair -alias flink.rest -keystore rest.signed.keystore -dname "CN=ART002" -ext "SAN=dns:ART002" -storepass rest_keystore_password -keyalg RSA -keysize 4096 -storetype PKCS12
keytool -certreq -alias flink.rest -keystore rest.signed.keystore -storepass rest_keystore_password -file rest.csr
keytool -gencert -alias ca -keystore ca.keystore -storepass ca_keystore_password -ext "SAN=dns:ART002,ip:*.*0.145.92" -infile rest.csr -outfile rest.cer
keytool -importcert -keystore rest.signed.keystore -storepass rest_keystore_password -file ca.cer -alias ca -noprompt
keytool -importcert -keystore rest.signed.keystore -storepass rest_keystore_password -file rest.cer -alias flink.rest -noprompt

 

 

security.ssl.rest.enabled: true
security.ssl.rest.keystore: /data/flink/flink-1.11.2/ssl/rest.signed.keystore
security.ssl.rest.truststore: /data/flink/flink-1.11.2/ssl/ca.truststore
security.ssl.rest.keystore-password: rest_keystore_password
security.ssl.rest.key-password: rest_keystore_password
security.ssl.rest.truststore-password: ca_truststore_password

 

 

 

 

 

 

 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)