You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ao...@apache.org on 2018/06/12 07:51:45 UTC
[ambari] 01/03: AMBARI-24070. Added missing 2-way SSL logs
This is an automated email from the ASF dual-hosted git repository.
aonishuk pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git
commit 5cda3d3cd683063c77e0374b6bc50a398cf70097
Author: Srikanth Janardhan <sj...@hortonworks.com>
AuthorDate: Mon Jun 11 14:45:25 2018 +0530
AMBARI-24070. Added missing 2-way SSL logs
---
.../src/main/python/ambari_agent/security.py | 21 +++++++++++++++++++--
1 file changed, 19 insertions(+), 2 deletions(-)
diff --git a/ambari-agent/src/main/python/ambari_agent/security.py b/ambari-agent/src/main/python/ambari_agent/security.py
index 563771a..99e0dcc 100644
--- a/ambari-agent/src/main/python/ambari_agent/security.py
+++ b/ambari-agent/src/main/python/ambari_agent/security.py
@@ -63,6 +63,10 @@ class VerifiedHTTPSConnection:
if not self.two_way_ssl_required:
conn = AmbariStompConnection(self.connection_url)
+ self.establish_connection(conn)
+ logger.info('SSL connection established. Two-way SSL authentication is '
+ 'turned off on the server.')
+ return conn
else:
self.certMan = CertificateManager(self.config, self.host)
self.certMan.initSecurity()
@@ -79,8 +83,21 @@ class VerifiedHTTPSConnection:
conn = AmbariStompConnection(self.connection_url, ssl_options=ssl_options)
- self.establish_connection(conn)
- return conn
+ try:
+ self.establish_connection(conn)
+ logger.info('SSL connection established. Two-way SSL authentication '
+ 'completed successfully.')
+ except ambari_stomp.exception.ConnectFailedException as err:
+ logger.error('Two-way SSL authentication failed. Ensure that '
+ 'server and agent certificates were signed by the same CA '
+ 'and restart the agent. '
+ '\nIn order to receive a new agent certificate, remove '
+ 'existing certificate file from keys directory. As a '
+ 'workaround you can turn off two-way SSL authentication in '
+ 'server configuration(ambari.properties) '
+ '\nExiting..')
+ raise err
+ return conn
def establish_connection(self, conn):
"""
--
To stop receiving notification emails like this one, please contact
aonishuk@apache.org.