Cloudera Community

Community Articles

Find and share helpful community-sourced technical articles.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

Knox Gateway fails to start with "org.apache.hadoop.gateway.services.security.KeystoreServiceException"

Labels (1)
Labels:
avatar
author-rank asirna
Super Guru

Created on ‎03-13-2018 08:51 AM

Issue: Knox Gateway fails to start with "org.apache.hadoop.gateway.services.security.KeystoreServiceException: java.io.IOException: Keystore was tampered with, or password was incorrect"

Below are the startup logs.

2018-03-13 05:17:47,189 INFO  hadoop.gateway (GatewayServer.java:logSysProp(193)) - System Property: user.name=knox
2018-03-13 05:17:47,193 INFO  hadoop.gateway (GatewayServer.java:logSysProp(193)) - System Property: user.dir=/var/lib/knox
2018-03-13 05:25:26,853 INFO  hadoop.gateway (GatewayServer.java:logSysProp(193)) - System Property: java.runtime.name=OpenJDK Runtime Environment
2018-03-13 05:25:26,853 INFO  hadoop.gateway (GatewayServer.java:logSysProp(193)) - System Property: java.runtime.version=1.8.0_131-b11
2018-03-13 05:25:26,854 INFO  hadoop.gateway (GatewayServer.java:logSysProp(193)) - System Property: java.home=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.x86_64/jre
2018-03-13 05:25:27,230 INFO  hadoop.gateway (GatewayConfigImpl.java:loadConfigResource(322)) - Loading configuration resource jar:file:/usr/hdp/2.5.5.0-157/knox/bin/../lib/gateway-server-0.9.0.2.5.5.0-157.jar!/conf/gateway-default.xml
2018-03-13 05:25:27,244 INFO  hadoop.gateway (GatewayConfigImpl.java:loadConfigFile(310)) - Loading configuration file /usr/hdp/2.5.5.0-157/knox/bin/../conf/gateway-site.xml
2018-03-13 05:25:27,302 INFO  hadoop.gateway (GatewayConfigImpl.java:initGatewayHomeDir(254)) - Using /usr/hdp/2.5.5.0-157/knox/bin/.. as GATEWAY_HOME via system property.
2018-03-13 05:25:28,000 ERROR hadoop.gateway (BaseKeystoreService.java:getKeystore(161)) - Failed to load keystore [filename=__gateway-credentials.jceks, type=JCEKS]: java.io.IOException: Keystore was tampered with, or password was incorrect
2018-03-13 05:25:28,000 ERROR hadoop.gateway (DefaultAliasService.java:getPasswordFromAliasForCluster(100)) - Failed to get credential for cluster __gateway: org.apache.hadoop.gateway.services.security.KeystoreServiceException: java.io.IOException: Keystore was tampered with, or password was incorrect
2018-03-13 05:25:28,001 FATAL hadoop.gateway (GatewayServer.java:main(151)) - Failed to start gateway: org.apache.hadoop.gateway.services.ServiceLifecycleException: Provisioned signing key passphrase cannot be acquired.

.

Root cause: Keystore file was corrupted.

.

Resolution: Move the corrupted files to a temp directory and restart Knox. Knox will create the files again and restart will be successful.

ssh knoxhost
mkdir /tmp/keystores
mv /usr/hdp/current/knox-server/data/security/keystores/* /tmp/keystores

Hope this helps 🙂

2,908 Views
Comments

Re: Knox Gateway fails to start with "org.apache.hadoop.gateway.services.security.KeystoreServiceException"

avatar
author-rank saqie
Explorer

Created on ‎04-19-2018 12:06 PM

This worked for me thanks 🙂 cheers !!

Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements
Version history
Last update:
‎03-13-2018 08:51 AM
Updated by:
Super Guru
Contributors