You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@oozie.apache.org by "Robert Kanter (JIRA)" <ji...@apache.org> on 2015/07/28 02:21:04 UTC
[jira] [Created] (OOZIE-2318) Provide better solution for
specifying SSL truststore to Oozie Client
Robert Kanter created OOZIE-2318:
------------------------------------
Summary: Provide better solution for specifying SSL truststore to Oozie Client
Key: OOZIE-2318
URL: https://issues.apache.org/jira/browse/OOZIE-2318
Project: Oozie
Issue Type: Sub-task
Components: docs
Affects Versions: trunk
Reporter: Robert Kanter
When using a self-signed certificate, Java will not allow the Oozie CLI will not connect to the Oozie server without importing the cert into the JRE, as described in the docs [here|http://oozie.apache.org/docs/4.2.0/AG_Install.html#Configure_the_Oozie_Client_to_connect_using_SSL_HTTPS]. This has a number of downsides.
Instead, we should get rid of that and replace it with directions on how to change where the Oozie CLI looks for the truststore:
{noformat}
export OOZIE_CLIENT_OPTS='-Djavax.net.ssl.trustStore=/path/to/oozie-truststore.jks -Djavax.net.ssl.trustStorePassword=password'
{noformat}
Along with directions on how to create the truststore from the keystore/cert.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)