Support Questions

Find answers, ask questions, and share your expertise

After Operating System Security Patching, get SSL exception


Hi Team,

We applied OS level security only updates to nodes running our Hadoop Cluster. After security update were applied, started getting nio:720 -

I can't perform Cluster Operations through Ambari. All services are Yellow and start all/stop all greyed out.

Any solution? Appreciate any help/support in advance. I suspect one of the packages openssl, python or jdk got updated but not sure which package.


Anil Khiani


Super Collaborator

Hi @Anil Khiani,

Looks you are using the "TLS 1.0" version certificates and the update of the "OpenSSL/JDK Module" module in the server stoped supporting the same.

before you sort out your certificate issue, for time being you can use the Non-SSL communication method between Ambari-server and Ambari-Agents by setting(disabling two way ssl) security.server.two_way_ssl=false in /etc/ambari-server/conf/

Hope this helps!!


Thanks @bkosaraju. Tried with no luck. Checked ambari-server logs and get

28 Sep 2017 01:05:27,940WARN [qtp-ambari-agent-57] nio:720 - Received fatal alert: unknown_ca

Super Mentor

@Anil Khiani

Can you please try this:

Edit the /etc/python/cert-verification.cfg and change the verify=disable and then restart ambari agents.


It might be related to some OS level patching you might have done which affects Python Security as well. If you are using RHEL then please refer to: to verify if you applied the mentioned fix.


You also might want to refer to a thread to match your complete error trace


Thanks @Jay SenSharma. Indeed, Edit the /etc/python/cert-verification.cfg and change the verify=disable and then restart ambari agents helped. I got production server. Is it recommended approach to disable cert-verification.

Take a Tour of the Community
Don't have an account?
Your experience may be limited. Sign in to explore more.