Support Questions
Find answers, ask questions, and share your expertise

Importing Truststore fails ldap connectivity

Highlighted

Importing Truststore fails ldap connectivity

Explorer

Hi Team,

Iam trying to enable Capacity scheduler view in Ambari. For that I tried importing .crt file and added below entries in the Ambari.properties file. Now my capacity scheduler view is working but I lost my connectivity with ldap. So I can only login as a local amabri user and see the capacity scheduler view. If I don't import the Truststore file iam getting below error

java.lang.IllegalStateException: Can't get secure connection to https://****.*******:8443/api/v1/clusters/hdpi_int_lab/. Truststore path or password is not set.

2 REPLIES 2

Re: Importing Truststore fails ldap connectivity

Have you tried the following method? Then import subsequent certificates using option 5 with different aliases.

https://docs.hortonworks.com/HDPDocuments/Ambari-2.1.2.0/bk_Ambari_Security_Guide/content/_set_up_tr...

Highlighted

Re: Importing Truststore fails ldap connectivity

I agree with @dvillarreal. It seems like you (@suresh krish) overwrote the truststore with the LDAP server's certificate (or CA certificate) with one that only has the certificate or CA certificate for whatever the Capacity Scheduler needs. However you need to have both in the same truststore since only a single truststore is supported - which is common practice.

So you need to import the LDAP server's certificate (or CA certificates) into the same truststore you have configured. It should work like how you did it originally, but instead of choosing the LDAP server truststore file, use the truststore file you used when solving the Capacity Scheduler issue. Or you can use the method David refers to.