Support Questions

Find answers, ask questions, and share your expertise
Check out our newest addition to the community, the Cloudera Data Analytics (CDA) group hub.

ambari is unable to make the connection external postgres db with ssl enabled ?

Super Collaborator

Dear Community Members,

I am not able to connect external postgres db with ssl enabled from ambari-server . I have changed jdbc url in file to make the ssl connection( Followed ), but no luck.

Any help much appreciated!

Thank you in advance:)


Super Mentor

@subhash parise

Can you please provide us the complete stack trace of the error that you are receiving after making the changes to the JDBC url in the ?

Also can you please share the URL that you are using ? Better if you can share the output of the following:

# grep 'jdbc' /etc/ambari-server/conf/

Super Collaborator

HI @Jay Kumar SenSharma

I am able to connect by using below connection properties:













if i removed the sslfactory=org.postgresql.ssl.NonValidatingFactory parameter form jdbc url, connection is not working?

Super Mentor

@subhash parise
Here is the reason why you needed to add that "sslfactory=org.postgresql.ssl.NonValidatingFactory" property:

Using SSL without Certificate Validation


In some situations it may not be possible to configure your Java environment to make the server certificate available, for example in an applet. For a large scale deployment it would be best to get a certificate signed by recognized certificate authority, but that is not always an option. The JDBC driver provides an option to establish a SSL connection without doing any validation, but please understand the risk involved before enabling this option.

A non-validating connection is established via a custom SSLSocketFactory class that is provided with the driver. Setting the connection URL parameter sslfactory=org.postgresql.ssl.NonValidatingFactory will turn off all SSL validation.

If you do not want to use that option "sslfactory=org.postgresql.ssl.NonValidatingFactory" to turn off all SSL validation. Then you might have to do the following:

1. Create a Truststore in Ambari

2. Import your Postgres Certificate inside the Ambari truststore.

Take a Tour of the Community
Don't have an account?
Your experience may be limited. Sign in to explore more.