You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@oozie.apache.org by "Janos Makai (Jira)" <ji...@apache.org> on 2022/11/13 11:02:00 UTC

[jira] [Updated] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors

     [ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Janos Makai updated OOZIE-3674:
-------------------------------
    Attachment: OOZIE-3674-001.patch

> Add a --insecure like parameter to Oozie client so it can ignore certificate errors
> -----------------------------------------------------------------------------------
>
>                 Key: OOZIE-3674
>                 URL: https://issues.apache.org/jira/browse/OOZIE-3674
>             Project: Oozie
>          Issue Type: Task
>          Components: client
>    Affects Versions: 5.2.1
>            Reporter: Janos Makai
>            Assignee: Janos Makai
>            Priority: Major
>
> Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client or you need to import the certificate into the JDK's cert store otherwise Oozie client won't be able to connect to the Oozie server. Always passing these variables is very inconvenient, and another solution might be to allow certificate errors in the client. This would be like the curl *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, but the client would not check the certificate. This should not be turned on by default in the Oozie client, but this could be a new command line parameter.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)