Support Questions
Find answers, ask questions, and share your expertise
Announcements
Check out our newest addition to the community, the Cloudera Innovation Accelerator group hub.

Ranger UI not opening after enabling SSL(6182)

New Contributor

I tried enabling SSL for ranger with the correct Keystore and TrustStore, but the process does not come up on port 6182.I used netstat -plnt| grep 6182. The rangeradmin process comes up on port 6085. I checked the embedded tomcat server alsocoming up in the log file Catalina.out. When I ran service check on Ranger, I got the following error.

2019-01-25 11:05:44,835 - Stack Feature Version Info: Cluster Stack=2.6, Command Stack=None, Command Version=2.6.5.9-1 -> 2.6.5.9-1
2019-01-25 11:05:44,871 - Execute['curl -s -o /dev/null -w'%{http_code}' --negotiate -u: -k https://hdpt08ranger.service.test.group:6182/login.jsp | grep 200'] {'logoutput': True, 'tries': 10, 'try_sleep': 3}
2019-01-25 11:05:44,894 - Retrying after 3 seconds. Reason: Execution of 'curl -s -o /dev/null -w'%{http_code}' --negotiate -u: -k https://hdpt08ranger.service.test.group:6182/login.jsp | grep 200' returned 1.
2019-01-25 11:05:47,922 - Retrying after 3 seconds. Reason: Execution of 'curl -s -o /dev/null -w'%{http_code}' --negotiate -u: -k https://hdpt08ranger.service.test.group:6182/login.jsp | grep 200' returned 1.
2019-01-25 11:05:50,958 - Retrying after 3 seconds. Reason: Execution of 'curl -s -o /dev/null -w'%{http_code}' --negotiate -u: -k https://hdpt08ranger.service.test.group:6182/login.jsp | grep 200' returned 1.
2019-01-25 11:05:53,984 - Retrying after 3 seconds. Reason: Execution of 'curl -s -o /dev/null -w'%{http_code}' --negotiate -u: -k https://hdpt08ranger.service.test.group:6182/login.jsp | grep 200' returned 1.

I think the CURL is unable to connect to host. How to resolve this issue.?

1 REPLY 1

Cloudera Employee

@Nagaraju V, you will need to ensure that the Ranger-Admin service has appropriate read-write permissions for both the keystore and truststore. You can check ranger-admin logs for more details, in addition to the catalina.out file, there will be an additional file created like xa_portal.log or ranger_admin.log, you can check the file for more errors as to what is causing the ranger-admin to not respond.