We applied OS level security only updates to nodes running our Hadoop Cluster. After security update were applied, started getting nio:720 - javax.net.ssl.SSLException:
I can't perform Cluster Operations through Ambari. All services are Yellow and start all/stop all greyed out.
Any solution? Appreciate any help/support in advance. I suspect one of the packages openssl, python or jdk got updated but not sure which package.
Hi @Anil Khiani,
Looks you are using the "TLS 1.0" version certificates and the update of the "OpenSSL/JDK Module" module in the server stoped supporting the same.
before you sort out your certificate issue, for time being you can use the Non-SSL communication method between Ambari-server and Ambari-Agents by setting(disabling two way ssl) security.server.two_way_ssl=false in /etc/ambari-server/conf/ambari.properties
Hope this helps!!
Can you please try this:
Edit the /etc/python/cert-verification.cfg and change the verify=disable and then restart ambari agents.
It might be related to some OS level patching you might have done which affects Python Security as well. If you are using RHEL then please refer to: https://access.redhat.com/errata/RHSA-2017:1868 to verify if you applied the mentioned fix.
You also might want to refer to a thread to match your complete error trace https://community.hortonworks.com/questions/120861/ambari-agent-ssl-certificate-verify-failed-certif...
Thanks @Jay SenSharma. Indeed, Edit the /etc/python/cert-verification.cfg and change the verify=disable and then restart ambari agents helped. I got production server. Is it recommended approach to disable cert-verification.