Community Articles
Find and share helpful community-sourced technical articles
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.
Labels (1)

Issue: Knox Gateway fails to start with "org.apache.hadoop.gateway.services.security.KeystoreServiceException: java.io.IOException: Keystore was tampered with, or password was incorrect"

Below are the startup logs.

2018-03-13 05:17:47,189 INFO  hadoop.gateway (GatewayServer.java:logSysProp(193)) - System Property: user.name=knox
2018-03-13 05:17:47,193 INFO  hadoop.gateway (GatewayServer.java:logSysProp(193)) - System Property: user.dir=/var/lib/knox
2018-03-13 05:25:26,853 INFO  hadoop.gateway (GatewayServer.java:logSysProp(193)) - System Property: java.runtime.name=OpenJDK Runtime Environment
2018-03-13 05:25:26,853 INFO  hadoop.gateway (GatewayServer.java:logSysProp(193)) - System Property: java.runtime.version=1.8.0_131-b11
2018-03-13 05:25:26,854 INFO  hadoop.gateway (GatewayServer.java:logSysProp(193)) - System Property: java.home=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.x86_64/jre
2018-03-13 05:25:27,230 INFO  hadoop.gateway (GatewayConfigImpl.java:loadConfigResource(322)) - Loading configuration resource jar:file:/usr/hdp/2.5.5.0-157/knox/bin/../lib/gateway-server-0.9.0.2.5.5.0-157.jar!/conf/gateway-default.xml
2018-03-13 05:25:27,244 INFO  hadoop.gateway (GatewayConfigImpl.java:loadConfigFile(310)) - Loading configuration file /usr/hdp/2.5.5.0-157/knox/bin/../conf/gateway-site.xml
2018-03-13 05:25:27,302 INFO  hadoop.gateway (GatewayConfigImpl.java:initGatewayHomeDir(254)) - Using /usr/hdp/2.5.5.0-157/knox/bin/.. as GATEWAY_HOME via system property.
2018-03-13 05:25:28,000 ERROR hadoop.gateway (BaseKeystoreService.java:getKeystore(161)) - Failed to load keystore [filename=__gateway-credentials.jceks, type=JCEKS]: java.io.IOException: Keystore was tampered with, or password was incorrect
2018-03-13 05:25:28,000 ERROR hadoop.gateway (DefaultAliasService.java:getPasswordFromAliasForCluster(100)) - Failed to get credential for cluster __gateway: org.apache.hadoop.gateway.services.security.KeystoreServiceException: java.io.IOException: Keystore was tampered with, or password was incorrect
2018-03-13 05:25:28,001 FATAL hadoop.gateway (GatewayServer.java:main(151)) - Failed to start gateway: org.apache.hadoop.gateway.services.ServiceLifecycleException: Provisioned signing key passphrase cannot be acquired.

.

Root cause: Keystore file was corrupted.

.

Resolution: Move the corrupted files to a temp directory and restart Knox. Knox will create the files again and restart will be successful.

ssh knoxhost
mkdir /tmp/keystores
mv /usr/hdp/current/knox-server/data/security/keystores/* /tmp/keystores

Hope this helps :)

1,081 Views
Comments

This worked for me thanks :) cheers !!

Don't have an account?
Coming from Hortonworks? Activate your account here
Version history
Revision #:
1 of 1
Last update:
‎03-13-2018 08:51 AM
Updated by:
 
Contributors
Top Kudoed Authors