Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Namenode/Resource Manager Active/stanby status not shown after enabling SSL

Namenode/Resource Manager Active/stanby status not shown after enabling SSL

Explorer

CDH; 5.15.2

CM: 5.15.0

Environment: On-prem

Total Nodes: 3

I'm facing a weird issue after enabling SSL(level 0) using self-signed certs where I'm not able to see the Active/standby state for Namenode as well for Resource Manager for one out of the two roles. When I check from the backend using hdfs haadmin -getServiceState command, it gives the expected result. Also the failover is working fine. The role is in healthy state but in HDFS/YARN it is showing that the service monitor did not find and active/standby Namenode/Resource Manager.

I tried migrating this other role to another node, but still the same result.

Inkednamenode unknown status_LI.jpgInkedRM unknown status.jpg

After checking logs for the affected Namenode/RM role, it shows the below warning:

 

Dev- namenode logs.PNG

 

Also, I checked the Service monitor logs, it is giving the below error;

 

Could not read URL: https://xx.xx.xx.xx:8090/ws/v1/cluster/info javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found.

 

I've configured a truststore which is same across al the hosts and a keystore for each of the nodes. All the certificates look good from the backend when i check with the keytool -v -list -keystore command. Not sure what I'm missing out. Any help will be really appreciated.

 

Don't have an account?
Coming from Hortonworks? Activate your account here