You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ambari.apache.org by "Eric Yang (JIRA)" <ji...@apache.org> on 2017/09/20 17:51:00 UTC

[jira] [Created] (AMBARI-22009) Ambari Server and Agent communication does not verify SSL certificates

Eric Yang created AMBARI-22009:
----------------------------------

             Summary: Ambari Server and Agent communication does not verify SSL certificates
                 Key: AMBARI-22009
                 URL: https://issues.apache.org/jira/browse/AMBARI-22009
             Project: Ambari
          Issue Type: Bug
            Reporter: Eric Yang


This is a follow up to AMBARI-14149, where more system are showing inability to establish connection between server and agent.  In the latest OS update for Python 2.7.5-58, it forces HttpsConnection api to verify certificate or set context=ssl._create_unverified_context() flag.  At some point, context=ssl._create_unverified_context() will be flagged as security vulnerability.  Ambari server can created its own trusted certificates for both server and clients to avoid setting unverified certificate flag.  Agent registration process can automate the certificate generation process for agents.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)