You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@flink.apache.org by "tonychan (Jira)" <ji...@apache.org> on 2021/04/07 01:28:00 UTC
[jira] [Created] (FLINK-22126) when i set ssl ,the jobmanager got
certificate_unknown exception
tonychan created FLINK-22126:
--------------------------------
Summary: when i set ssl ,the jobmanager got certificate_unknown exception
Key: FLINK-22126
URL: https://issues.apache.org/jira/browse/FLINK-22126
Project: Flink
Issue Type: Bug
Reporter: tonychan
Attachments: image-2021-04-07-09-26-16-490.png, image-2021-04-07-09-26-21-958.png
!image-2021-04-07-09-26-21-958.png!
my setup as below:
keytool -genkeypair -alias ca -keystore ca.keystore -dname "CN=ART002" -storepass ca_keystore_password -keyalg RSA -keysize 4096 -ext "bc=ca:true" -storetype PKCS12
keytool -exportcert -keystore ca.keystore -alias ca -storepass ca_keystore_password -file ca.cer
keytool -importcert -keystore ca.truststore -alias ca -storepass ca_truststore_password -file ca.cer -noprompt
keytool -genkeypair -alias flink.rest -keystore rest.signed.keystore -dname "CN=ART002" -ext "SAN=dns:ART002" -storepass rest_keystore_password -keyalg RSA -keysize 4096 -storetype PKCS12
keytool -certreq -alias flink.rest -keystore rest.signed.keystore -storepass rest_keystore_password -file rest.csr
keytool -gencert -alias ca -keystore ca.keystore -storepass ca_keystore_password -ext "SAN=dns:ART002,ip:*.*0.145.92" -infile rest.csr -outfile rest.cer
keytool -importcert -keystore rest.signed.keystore -storepass rest_keystore_password -file ca.cer -alias ca -noprompt
keytool -importcert -keystore rest.signed.keystore -storepass rest_keystore_password -file rest.cer -alias flink.rest -noprompt
security.ssl.rest.enabled: true
security.ssl.rest.keystore: /data/flink/flink-1.11.2/ssl/rest.signed.keystore
security.ssl.rest.truststore: /data/flink/flink-1.11.2/ssl/ca.truststore
security.ssl.rest.keystore-password: rest_keystore_password
security.ssl.rest.key-password: rest_keystore_password
security.ssl.rest.truststore-password: ca_truststore_password
--
This message was sent by Atlassian Jira
(v8.3.4#803005)