Knox configured to access webhdfs exposed via SSL

[Rajesh Chandramohan <ra...@yahoo.com>]

Hi  Knox-users,
We have a use case as our secured cluster planning to block http url for webhdfs and only exposing https url as : https://cluster-mud-nn-2.ambari.com:50070/webhdfs/v1/?op=LISTSTATUS In that case while we access webhdfs via knox its throwing exception for SSL invalid certificate path.
 So do we need to import namenodes ssl signed certificate(.cer files)  to knox  host  ../security/cacerts file right ? Or what we should do to make knox work to access https: webhdfs link.

topology/ambari.xml==========    <service>        <role>NAMENODE</role>        <url>hdfs:/cluster-mud-nn.ambari.com:8020</url>    </service>
    <service>        <role>WEBHDFS</role>        <url>https://cluster-mud-nn.ambari.com:50070/webhdfs</url>        <url>https://cluster-mud-nn-2.ambari.com:50070/webhdfs</url>    </service>-----------
==============SSL error====2016-08-31 00:26:46,285 WARN  hadoop.gateway (DefaultDispatch.java:executeOutboundRequest(132)) - Connection exception dispatching request: https://cluster-mud-nn-2.ambari.com:50070/webhdfs/v1/?op=LISTSTATUS&doAs=appmon javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetjavax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)  Thanks\Rajesh