hi, @Akhil S Naik is correct, my memory was on the limit, do you know why i can't change the configuration of the different services on ambari? i have to add an SmartSense ID to start it ... View more

thanks @Akhil S Naik i believe that the error was resolved ... View more

Hi Amarnath, Will this work for Oozie? If not do you have similar log4j setting for oozie? Thanks, Sajin ... View more

Andy\Amarnath, My question was initially why my expected outcome was not working and why this other format did work. Along the way, I believe my question was answered, assuming my understanding is correct. I did't want to dive to deep as I thought it may be outside the scope of my initial post. Since the conversation has gone that way tho, Andy is correct. I did not understand the difference between 1-way SSL and 2-way SSL. Using 1-way SSL (keystore only) all HTTPS connections are accepted regardless if the source is who we are expecting or not. Using 2-way SSL only HTTPS connections are accepted but now we must verify who the source is by authenticating with a private key & server certificate that can be authenticated by my truststore. My use case for this knowledge, is we are promoting projects between our Dev & Prod clusters. I wanted to ensure we had the correct security in place to proceed. The developers are wanting 1-way SSL but I lacked the knowledge at the time to make it work and only had 2-way. They were upset because this required more data to be sent via REST protocol using 2-way. Now that I understand each protocol, I will not allow to them proceed to Production with their architecture without 2-way SSL. Originally, I was simply ignorant of how to setup 1-way SSL, without understanding the security hole it would make. Thank you both for your time and effort in reviewing this concept. ... View more

@amarnath reddy pappu, I followed these steps but when I login to ambari, it is successfully getting redirected to knox gateway and after i give credentials it goes to ambari ui and then coming back to knox gateway log in screen. Could you please suggest. Opened questions in community also: https://community.hortonworks.com/questions/242895/knox-sso-not-working-for-ambari.html ... View more

Hi @Saurabh, Please login and accept the answer if this helped you. ... View more

@amarnath reddy pappu @mqureshi, @Kuldeep Kulkarni, @Gerd Koenig, @Andrew Ryansmaple-mapreduce-job-error.txtmapreduce-error-in-hive-wiht-beeline.txt We have enabled SSL/TLS on HDP cluster by following @amarnath reddy pappu blog : https://community.hortonworks.com/articles/52875/enable-https-for-hdfs.html and HDP documentation. Almost all service opening on Https defined port. But Only issue we are currently facing is : MAP REDUCE JOBS ARE NOT LAUNCHING We use hive through beeline connector. While executing query we receive error : WARNING: Hive-on-MR is deprecated in Hive 2 and may not be available in the future versions. Consider using a different execution engine (i.e. spark, tez) or using Hive 1.X releases. Error: Error while processing statement: FAILED: Execution Error, return code 1 from org.apache.hadoop.hive.ql.exec.mr.MapRedTask. java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty (state=08S01,code=1) Tried a Sample Map reduce Job alone as well. That also got failed. Error is long so attaching here. I would appreciate your help. 🙂 ... View more