Support Questions

yjiang · ‎05-27-2016

keyadmin user failed to create keys in Ranger KMS. Found the below in kms-audit.log:

2016-05-27 05:58:59,555 UNAUTHENTICATED RemoteHost:10.0.0.163 Method:POST URL:http://xxx:9292/kms/v1/keys?user.name=keyadmin ErrorMsg:'Authentication required'

This is a Kerberos enabled cluster. Following the install document, I have already created keyadmin principal in Kerberos and did the setting in Ranger KMS to use kerberos authentication. I was able to log in into Ranger KMS, but failed creating keys with above UNAUTHENTICATED error.

Although I have keyadmin user created on Ranger user sync node and configured Ranger usersync to use Unix sync, but I couldn't find keyadmin user in Ranger User tab. I am not sure if this relates to the KMS error.

Any idea to solve this?

Thanks,

yjiang · ‎05-28-2016

I solved this issue by change username to keyadmin@REALM.COM from Ranger KMS repository config UI directly.

Configuring this in Ambari Ranger KMS UI and restarting Ranger and Ranger KMS services didn't apply to the actual KMS repository config property.

View solution in original post

rpathak · ‎05-27-2016

Hi @yjiang

Can you try restarting all Ranger services.

Both Ranger KMS and Ranger Admin.

Also verify from Ranger KMS UI that you can see correct principal in Ranger KMS repository configuration.

It should be something like keyadmin@REALM.COM

Login using keyadmin user. Also share screenshots of your configuration.

yjiang · ‎05-27-2016

Hi @Rahul Pathak

I tried restarting all Ranger services but it didn't change the status.

I attached my configuration.

kms-repo-conf.png

ranger-users.png

ranger-permission.png

yjiang · ‎05-28-2016

I solved this issue by change username to keyadmin@REALM.COM from Ranger KMS repository config UI directly.

Configuring this in Ambari Ranger KMS UI and restarting Ranger and Ranger KMS services didn't apply to the actual KMS repository config property.

avijeetd · ‎08-18-2016

@yjiang

Hi, I am having this issue, can you please describe where you changed the username. I have put it in the Ranger-kms / Config / Advanced-kms-properties as keyadmin@REALM.COM

But it is not working, and same error persists.

Thanks for your help.

Avijeet

vi1 · ‎01-25-2023

Hey I am getting error while adding new key to ranger kms web UI..it is saying HTTP STATUS 401-UNAUTHORIZED

VidyaSargur · ‎01-25-2023

@vi1, as this is an older post, you would have a better chance of receiving a resolution by starting a new thread. This will also be an opportunity to provide details specific to your environment that could aid others in assisting you with a more accurate answer to your question. You can link this thread as a reference in your new post.

Regards,

Vidya Sargur,
Community Manager

Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
Learn more about the Cloudera Community:
Community Guidelines
How to use the forum

Support Questions

Cannot Create Key in Ranger KMS