You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@hadoop.apache.org by yugendhar fedric <yu...@gmail.com> on 2020/03/13 09:44:07 UTC

BootstrapStandBy issue in Hadoop-3.2.1 for windows -reg

Hi ,
     In Hadoop 3.2.1 while Forming Secure cluster(Kerberos) using Java
1.8.0_60 With below conditions
  1.Generated SSL Certificates with SHA1withRSA(signature algorithm) in all
nodes
  2. Modified  Krb5.ini with algorithms :
          allow_weak_crypto = true
          permitted_enctypes = aes256-cts-hmac-sha1-96
          default_tgs_enctypes= aes256-cts-hmac-sha1-96
          default_tkt_enctypes = aes256-cts-hmac-sha1-96
          supported_enctypes = aes256-cts-hmac-sha1-96
  3.Added below Java properties in all nodes.

 -Dhttps.cipherSuites=AES256-SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA

  4.While starting namenode services evrything was fine and Encryption
happens using SHA1 Hashing.
       5. Issue occurs while Starting StandBy namenode during image tranfer
through WebHDFS and the issue was Client initiates the connection with SHA1
encryption but still server responds with only SHA384 algorithm.
       6. Please find the below screenshot on the issue log generated in
the namenode machine.
[image: image.jpeg]