Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Atlas application log showing below error

Solved Go to solution

Atlas application log showing below error

After enabling kerberos we are seeing below errors in atlas application log.

WARN - [3e0a832b-bc1f-43bf-ab70-fe616747cf1a:] ~ Authentication exception: GSSException: Failure unspecified at GSS-API level (Mechanism level: Invalid argument (

400) - Cannot find key of appropriate type to decrypt AP REP - RC4 with HMAC) (AuthenticationFilter:586)

Below is the klist output.

klist -kte atlas.service.keytab

Keytab name: FILE:atlas.service.keytab

KVNO Timestamp         Principal

---- ----------------- --------------------------------------------------------

   4 01/01/70 01:00:00 atlas/xxx (DES cbc mode with CRC-32)

   4 01/01/70 01:00:00 atlas/xxx (DES cbc mode with RSA-MD5)

   4 01/01/70 01:00:00 atlas/xxx (ArcFour with HMAC/md5)

   4 01/01/70 01:00:00 atlas/xxx (AES-256 CTS mode with 96-bit SHA-1 HMAC)

   4 01/01/70 01:00:00 atlas/xxx (AES-128 CTS mode with 96-bit SHA-1 HMAC)

Checked kerberos kvno number for that principal from KDC and keytab file and both are same. Please guide.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: Atlas application log showing below error

I found out the issue, actually we enabled the spnego for atlas therefore it was checking the spnego.service.keytab file. Somehow user "atlas" got removed from the application group therefore didn't had read permission on spnego.service.keytab file. Once we given read permission issue got resolved. Thanks

View solution in original post

1 REPLY 1
Highlighted

Re: Atlas application log showing below error

I found out the issue, actually we enabled the spnego for atlas therefore it was checking the spnego.service.keytab file. Somehow user "atlas" got removed from the application group therefore didn't had read permission on spnego.service.keytab file. Once we given read permission issue got resolved. Thanks

View solution in original post

Don't have an account?
Coming from Hortonworks? Activate your account here