Support Questions

rickmorty · ‎06-27-2018

CentOS 6 / ambari 2.5.0 + ranger 0.7.1 with kerberos enable.

when try to get key list thru ranger admin web ui, an error popped up:

"Connection refused : Please check the KMS provider URL and whether the Ranger KMS is running"

I checked KMS service, which is up and running.

KMS service log only got one ERROR: "RangerKMSDB - DB Flavor could not be determined" which i think is not important.

thank you for your help!

rickmorty · ‎06-28-2018

Turn out my kms ranger repo not config correctly.

Thank you Geoffrey

View solution in original post

Shelton · ‎06-27-2018

@kiwi z

Can you see any error messages in /var/log/ranger/kms/catalina.out thats the startup logfile. If you see message about InvalidKeyException like below

java.security.InvalidKeyException:Illegal key size        
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)

That indicates JCE issue so install JDK JCE and that should resolve the issue distribute and install JCE on all nodes.

HTH

rickmorty · ‎06-28-2018

Turn out my kms ranger repo not config correctly.

Thank you Geoffrey

Shelton · ‎06-28-2018

@kiwi z

Could you share your solution so that other members who encounter the same situation could have a quick solution

rickmorty · ‎06-29-2018

In Ranger Admin Web for KMS, at service management section, you can config ranger kms provider url, which is not correct on automatically creation.

Cloudera Community

Support Questions

Ranger KMS get key list says " Connection refused: Please check the KMS provider URL"