Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Able to write into an encryption zone but unable to read from it

Able to write into an encryption zone but unable to read from it

New Contributor

I was able to create an encryption zone on HDP and was able to write files into the zone using Talend ETL. However when I try to read files from the zone using the tool, I get the below error:

Exception in component tHDFSInput_1

java.io.IOException: No KeyProvider is configured, cannot access an encrypted file

at org.apache.hadoop.hdfs.DFSClient.decryptEncryptedDataEncryptionKey(DFSClient.java:1382)

at org.apache.hadoop.hdfs.DFSClient.createWrappedInputStream(DFSClient.java:1461)

at org.apache.hadoop.hdfs.DistributedFileSystem$4.doCall(DistributedFileSystem.java:332)

at org.apache.hadoop.hdfs.DistributedFileSystem$4.doCall(DistributedFileSystem.java:326)

at org.apache.hadoop.fs.FileSystemLinkResolver.resolve(FileSystemLinkResolver.java:81)

at org.apache.hadoop.hdfs.DistributedFileSystem.open(DistributedFileSystem.java:326)

When I try to write and read files using the same Talend ETL user , using Hadoop dfs commands it works fine, implying the user has all the required permissions.

Please can some one guide me to the solution

1 REPLY 1
Highlighted

Re: Able to write into an encryption zone but unable to read from it

Check hadoop.security.key.provider.path in core-site.xml and dfs.encryption.key.provider.uri in hdfs-site.xml. They have to be configured to point to the KMS URI.

Don't have an account?
Coming from Hortonworks? Activate your account here