Created 01-24-2017 10:13 PM
Hello,
I enabled HTTPS for my Ambari Server before I changed it to run as a non-root daemon user. After I enabled non-root daemon, I'm getting the following error:
24 Jan 2017 17:06:48,001 WARN [main] AbstractLifeCycle:204 - FAILED SslSelectChannelConnector@0.0.0.0:443: java.net.SocketException: Permission denied
java.net.SocketException: Permission denied
    at sun.nio.ch.Net.bind0(Native Method)
    at sun.nio.ch.Net.bind(Net.java:433)
    at sun.nio.ch.Net.bind(Net.java:425)
    at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:223)
    at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:74)
    at org.eclipse.jetty.server.nio.SelectChannelConnector.open(SelectChannelConnector.java:187)
    at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:316)
    at org.eclipse.jetty.server.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:265)
    at org.eclipse.jetty.server.ssl.SslSelectChannelConnector.doStart(SslSelectChannelConnector.java:631)
    at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
    at org.eclipse.jetty.server.Server.doStart(Server.java:293)
    at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
    at org.apache.ambari.server.controller.AmbariServer.run(AmbariServer.java:617)
    at org.apache.ambari.server.controller.AmbariServer.main(AmbariServer.java:927)
It seems as though even though I've put in all the sudo settings (starting here: https://docs.hortonworks.com/HDPDocuments/Ambari-2.4.2.0/bk_ambari-security/content/commands_server.... ) the non-root user still doesn't have enough permissions to read the certificate to use for SSL binding. Does anyone know what is needed for this permission issue to be resolved? The SSL certificate and key are installed in /etc/ssl/certs/
I've been searching and I can't seem to find an answer to this.
Thanks
Created 01-24-2017 11:03 PM
Looks like you are trying to use 443 port. Can you please use a different port number above 1024? Please try 8443 port.
Created 01-24-2017 10:57 PM
This does not look like an SSL error. Without SSL (with HTTP), are you able to start the server successfully?
Created 01-25-2017 05:38 PM
Is this issue resolved? Can you please mark the correct answer?
Created 01-25-2017 06:40 PM
Sorry, I was just able to get to the office to try this out. This was the issue, thanks for your help! Just out of curiosity, why can't a non-root user use port 443?
Created 01-25-2017 06:55 PM
Thanks for the update. I think that is an OS restriction; you can go through https://www.staldal.nu/tech/2007/10/31/why-can-only-root-listen-to-ports-below-1024/
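Added example (not part of the thread and not Ambari's own code): a preflight check that catches the failure discussed above before the server is started, by comparing the port configured in ambari.properties with the lowest port an unprivileged user may bind. The sample properties text is constructed, the function names are hypothetical, and the check assumes the `api.ssl`, `client.api.ssl.port` and `client.api.port` keys with Ambari's default ports 8443 and 8080.

```shell
#!/bin/sh
# Constructed sample of the relevant ambari.properties lines (not from the thread).
SAMPLE_PROPS='api.ssl=true
client.api.ssl.port=443'

# Print the value of key $1 from properties text on stdin (last match wins).
prop() {
    awk -F= -v k="$1" '
        { gsub(/^[ \t]+|[ \t]+$/, "", $1) }
        $1 == k { v = $2 }
        END { gsub(/^[ \t]+|[ \t]+$/, "", v); print v }'
}

# Lowest port a process without privileges may bind. Traditionally 1024;
# newer Linux kernels expose the boundary as a sysctl.
unpriv_port_start() {
    f=/proc/sys/net/ipv4/ip_unprivileged_port_start
    if [ -r "$f" ]; then cat "$f"; else echo 1024; fi
}

# check_bind PROPS_TEXT UID [PORT_START]
# Prints "ok: ..." and returns 0, or prints "denied: ..." and returns 1 when
# the configured port is below the boundary and the server user is not root.
# Assumption: the process holds no extra capability such as
# CAP_NET_BIND_SERVICE, which would also permit the bind.
check_bind() {
    props=$1 uid=$2 start=${3:-$(unpriv_port_start)}
    ssl=$(printf '%s\n' "$props" | prop api.ssl)
    if [ "$ssl" = "true" ]; then
        port=$(printf '%s\n' "$props" | prop client.api.ssl.port)
        port=${port:-8443}   # Ambari default HTTPS port
    else
        port=$(printf '%s\n' "$props" | prop client.api.port)
        port=${port:-8080}   # Ambari default HTTP port
    fi
    if [ "$uid" -ne 0 ] && [ "$port" -lt "$start" ]; then
        echo "denied: uid $uid cannot bind port $port (unprivileged ports start at $start)"
        return 1
    fi
    echo "ok: uid $uid can bind port $port"
}
```

Against a real install, pass the contents of the server's ambari.properties file and the numeric uid of the daemon user, for example `check_bind "$(cat path/to/ambari.properties)" "$(id -u ambari)"`, where the path and the user name `ambari` are placeholders.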