Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

HDFS rest encryption zone unable to find valid certification path

Labels:
avatar
author-rank Vikas1
Rising Star

Created ‎04-04-2016 10:49 AM

Cluster having the rest encryption enabled, I am able to create keys using "#hdfs key create mykey1" but not able to create encryption zone on hdfs directories.

Please find below steps for reference

-bash-4.1$ hadoop key list

Listing keys for KeyProvider: KMSClientProvider[https://fqdn:port/kms/v1/]

mykey2

mykey1

I got below error when I am going to assign encryption zone to hdfs empty dir.

-sh-4.1$ hdfs crypto -createZone -keyName mykey1 -path /user/xxxx/zone1

RemoteException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

2,155 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank Vikas1
Rising Star

Created ‎04-04-2016 12:51 PM

Resolved: Enabled Kerberos Authentication for HTTP Web-Consoles (HDFS) and regenerated missing kerberos credentials

After changes done, I got below output.

-bash-4.1$ hdfs crypto -createZone -keyName mykey1 -path /user/xxxx/zone1

Added encryption zone /user/xxxx/zone1

-bash-4.1$

View solution in original post

1,817 Views
3 REPLIES 3

avatar
author-rank Vikas1
Rising Star

Created ‎04-04-2016 12:51 PM

Resolved: Enabled Kerberos Authentication for HTTP Web-Consoles (HDFS) and regenerated missing kerberos credentials

After changes done, I got below output.

-bash-4.1$ hdfs crypto -createZone -keyName mykey1 -path /user/xxxx/zone1

Added encryption zone /user/xxxx/zone1

-bash-4.1$

1,818 Views

avatar
author-rank Rakesh Gupta
Contributor

Created ‎07-20-2016 05:09 PM

I am facing a simillar issue, i am kind of new to the kms. it would really help if you can elaborate on the steps.

1,817 Views
0 Kudos

avatar
author-rank sashakhan150
New Contributor

Created ‎05-18-2019 08:23 AM

Encryption keys are the most important aspect of encryption. Encrypted messages because most of the information involved in etc to eur transactions is largely public.

1,817 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements