New Contributor
Posts: 2
Registered: ‎06-04-2019

How do I not validate a TLS certificate?

[ Edited ]



CDH 5.16


I am working on the Impala, HttpFS configuration.
I ask questions about errors during their configuration.
The common part of the error is that the certificate's DNS is based on the domain (*, but the internally-called url is called with the server's FQDN, so there is an error in verifying the certificate.
HDFS & Yarn, Impala, and HttpFS.
I want to know how to set it up.
Below is an error message.



Could not connect to hostname:21050: [Errno 111] Connection refused (code THRIFTTRANSPORT): TTransportException('Could not connect tohostname:21050: [Errno 111] Connection refused',)


F0605 14:15:44.792534 159140] Could not build messenger: Runtime error: could not verify certificate chain (error with cert: subject=C = BE, O = GlobalSign nv-sa, CN = GlobalSign Organization Validation CA - SHA256 - G2, issuer=C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA): unable to get issuer certificate . Impalad exiting.



HttpFS & Hue

Occurs when API calls are made internally in Hue to HttpFS(File Browser)

[11/Jun/2019 20:51:31 +0900] webhdfs ERROR Failed to determine superuser of WebHdfs at https://hostname:14000/webhdfs/v1: ("bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],)",)
Traceback (most recent call last):
File "/opt/cloudera/parcels/CDH-5.16.1-1.cdh5.16.1.p0.3/lib/hue/desktop/libs/hadoop/src/hadoop/fs/", line 154, in superuser
sb = self.stats('/')
File "/opt/cloudera/parcels/CDH-5.16.1-1.cdh5.16.1.p0.3/lib/hue/desktop/libs/hadoop/src/hadoop/fs/", line 291, in stats
res = self._stats(path)
File "/opt/cloudera/parcels/CDH-5.16.1-1.cdh5.16.1.p0.3/lib/hue/desktop/libs/hadoop/src/hadoop/fs/", line 285, in _stats
raise ex
WebHdfsException: ("bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],)",)
[11/Jun/2019 20:51:31 +0900] exceptions_renderable ERROR Potential detail: ("bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],)",)