Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

ambari server problem 3

Labels:
avatar
author-rank Manoj690
Contributor

Created on ‎08-21-2019 01:47 AM - last edited on ‎08-21-2019 03:45 AM by Community Manager Community Manager

 Caused by: java.sql.SQLException: Connections using insecure transport are prohibited while --require_secure_transport=ON. at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:965) at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3973)

1,874 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank jsensharma author-rank
Master Mentor

Created on ‎08-21-2019 01:55 AM - edited ‎08-21-2019 01:57 AM

@Manoj690 

As we see the mentioned message "require_secure_transport=ON" in your exception

which indicates that you might have configured your MySQL to allow secure connections.  You can find that setting inside the "/etc/my.cnf"

 

Option-1). Hence ether you will need to disable that setting from mysql config and restart MySQL. If it is ON means it is enabled.

 

# grep 'require_secure_transport' /etc/my.cnf
require_secure_transport = OFF

# systemctl restart mysql.service

 


Option-2). OR you will need to Get the MySQL service certificate and then make sure that you import the MySQL certificate inside the AmbariServer truststore OR insie the JDK cacert in which your AmbariServer is running.

Example: Importing MySQL CA Certificate in AmbariServer's JDK Truststore :

 

# /usr/jdk64/jdk1.8.0_112/bin/keytool -import -file /tmp/mysql_cert.pem -alias mysql_ambari -keystore /usr/jdk64/jdk1.8.0_112/jre/lib/security/cacerts

 


The restart AmbariServer.

 

# ambari-server restart

 


.

View solution in original post

1,868 Views
0 Kudos
4 REPLIES 4

avatar
author-rank jsensharma author-rank
Master Mentor

Created on ‎08-21-2019 01:55 AM - edited ‎08-21-2019 01:57 AM

@Manoj690 

As we see the mentioned message "require_secure_transport=ON" in your exception

which indicates that you might have configured your MySQL to allow secure connections.  You can find that setting inside the "/etc/my.cnf"

 

Option-1). Hence ether you will need to disable that setting from mysql config and restart MySQL. If it is ON means it is enabled.

 

# grep 'require_secure_transport' /etc/my.cnf
require_secure_transport = OFF

# systemctl restart mysql.service

 


Option-2). OR you will need to Get the MySQL service certificate and then make sure that you import the MySQL certificate inside the AmbariServer truststore OR insie the JDK cacert in which your AmbariServer is running.

Example: Importing MySQL CA Certificate in AmbariServer's JDK Truststore :

 

# /usr/jdk64/jdk1.8.0_112/bin/keytool -import -file /tmp/mysql_cert.pem -alias mysql_ambari -keystore /usr/jdk64/jdk1.8.0_112/jre/lib/security/cacerts

 


The restart AmbariServer.

 

# ambari-server restart

 


.

1,869 Views
0 Kudos

avatar
author-rank Manoj690
Contributor

Created ‎08-21-2019 02:04 AM

if i run this command its asking keyword password:  (what was the password)

 

/usr/jdk64/jdk1.8.0_112/bin/keytool -import -file /tmp/mysql_cert.pem -alias mysql_ambari -keystore /usr/jdk64/jdk1.8.0_112/jre/lib/security/cacerts
Enter keystore password:

1,865 Views
0 Kudos

avatar
author-rank jsensharma author-rank
Master Mentor

Created ‎08-21-2019 02:05 AM

Password is "changeit" which is default cacert password.

1,861 Views
0 Kudos

avatar
author-rank Manoj690
Contributor

Created ‎08-21-2019 02:06 AM

Thanks a lot

 

finally ambari server started

1,860 Views
0 Kudos
Announcements
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics 1.14 for Cloudera Pu...
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
View More Announcements