Created 04-04-2016 10:49 AM
Cluster having the rest encryption enabled, I am able to create keys using "#hdfs key create mykey1" but not able to create encryption zone on hdfs directories.
Please find below steps for reference
-bash-4.1$ hadoop key list
Listing keys for KeyProvider: KMSClientProvider[https://fqdn:port/kms/v1/]
mykey2
mykey1
I got below error when I am going to assign encryption zone to hdfs empty dir.
-sh-4.1$ hdfs crypto -createZone -keyName mykey1 -path /user/xxxx/zone1
RemoteException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Created 04-04-2016 12:51 PM
Resolved: Enabled Kerberos Authentication for HTTP Web-Consoles (HDFS) and regenerated missing kerberos credentials
After changes done, I got below output.
-bash-4.1$ hdfs crypto -createZone -keyName mykey1 -path /user/xxxx/zone1
Added encryption zone /user/xxxx/zone1
-bash-4.1$
Created 04-04-2016 12:51 PM
Resolved: Enabled Kerberos Authentication for HTTP Web-Consoles (HDFS) and regenerated missing kerberos credentials
After changes done, I got below output.
-bash-4.1$ hdfs crypto -createZone -keyName mykey1 -path /user/xxxx/zone1
Added encryption zone /user/xxxx/zone1
-bash-4.1$
Created 07-20-2016 05:09 PM
I am facing a simillar issue, i am kind of new to the kms. it would really help if you can elaborate on the steps.
Created 05-18-2019 08:23 AM
Encryption keys are the most important aspect of encryption. Encrypted messages because most of the information involved in etc to eur transactions is largely public.