You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ozone.apache.org by "Ashish Kumar (Jira)" <ji...@apache.org> on 2023/01/05 08:58:00 UTC
[jira] [Assigned] (HDDS-7700) Recon server is missing CA certificates
[ https://issues.apache.org/jira/browse/HDDS-7700?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ashish Kumar reassigned HDDS-7700:
----------------------------------
Assignee: Ashish Kumar
> Recon server is missing CA certificates
> ---------------------------------------
>
> Key: HDDS-7700
> URL: https://issues.apache.org/jira/browse/HDDS-7700
> Project: Apache Ozone
> Issue Type: Bug
> Components: Ozone Recon
> Affects Versions: 1.2.0
> Reporter: Soumitra Sulav
> Assignee: Ashish Kumar
> Priority: Critical
> Labels: pki
>
> *Issue :*
> Certificates are missing for the Ozone RECON server.
> Neither it's listed in the ozone admin cert list nor we can find it in the certs directory.
> The startup logs of the Recon service confirm that there was an issue with the certificate creation.
> *Error StackTrace :*
> {code:java}
> 2022-12-21 13:43:23,575 INFO org.apache.hadoop.ozone.recon.ReconServer: Recon login successful.
> 2022-12-21 13:43:23,575 INFO org.apache.hadoop.ozone.recon.ReconServer: ReconStorageConfig initialized.Initializing certificate.
> 2022-12-21 13:43:23,575 INFO org.apache.hadoop.ozone.recon.ReconServer: Initializing secure Recon.
> 2022-12-21 13:43:24,246 ERROR org.apache.hadoop.hdds.security.x509.certificate.client.ReconCertificateClient: Default certificate serial id is not set. Can't locate the default certificate for this client.
> 2022-12-21 13:43:24,247 INFO org.apache.hadoop.hdds.security.x509.certificate.client.ReconCertificateClient: Certificate client init case: 6
> 2022-12-21 13:43:24,248 INFO org.apache.hadoop.hdds.security.x509.certificate.client.ReconCertificateClient: Found private and public key but certificate is missing.
> 2022-12-21 13:43:24,359 INFO org.apache.hadoop.ozone.recon.ReconServer: Init response: RECOVER
> 2022-12-21 13:43:24,360 ERROR org.apache.hadoop.ozone.recon.ReconServer: Recon security initialization failed. Recon certificate is missing.
> 2022-12-21 13:43:24,361 ERROR org.apache.hadoop.ozone.recon.ReconServer: Error during initializing Recon certificate
> java.lang.RuntimeException: Recon security initialization failed.
> at org.apache.hadoop.ozone.recon.ReconServer.initializeCertificateClient(ReconServer.java:204)
> at org.apache.hadoop.ozone.recon.ReconServer.call(ReconServer.java:125)
> at org.apache.hadoop.ozone.recon.ReconServer.call(ReconServer.java:71)
> at picocli.CommandLine.executeUserObject(CommandLine.java:1953)
> at picocli.CommandLine.access$1300(CommandLine.java:145)
> at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2352)
> at picocli.CommandLine$RunLast.handle(CommandLine.java:2346)
> at picocli.CommandLine$RunLast.handle(CommandLine.java:2311)
> at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2179)
> at picocli.CommandLine.execute(CommandLine.java:2078)
> at org.apache.hadoop.hdds.cli.GenericCli.execute(GenericCli.java:100)
> at org.apache.hadoop.hdds.cli.GenericCli.run(GenericCli.java:91)
> at org.apache.hadoop.ozone.recon.ReconServer.main(ReconServer.java:92)
> 2022-12-21 13:43:24,364 INFO org.apache.hadoop.ozone.recon.spi.impl.ReconDBProvider: Last known Recon DB : /var/lib/hadoop-ozone/recon/data/recon-container-key.db_1671547060037
> 2022-12-21 13:43:24,626 INFO org.apache.hadoop.ozone.recon.persistence.DefaultDataSourceProvider: JDBC Url for Recon : jdbc:derby:/var/lib/hadoop-ozone/recon/data/ozone_recon_derby.db
> {code}
> Cluster Details :
> # ozone version
> Using HDDS 1.2.0
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org