CM&CDH version is Cloudera Enterprise 5.8.2, KEYTRUSTEE parcel version is 5.8.2-5.KEYTRUSTEE5.8.2.p0.1, KEYTRUSTEE_SERVER parcel version is 5.8.0-1.keytrustee5.8.0.p0.10. Encoutered two quesitons below during setting up HDFS data at rest encryption via Cloudera manager. 1. Passive database role failed to start, other roles(Active/Passive Key Trustee Server, Active Database) started successfully. Found the following fragment in stderr log of passive database. + exec /opt/cloudera/parcels/KEYTRUSTEE_SERVER-5.8.0-1.keytrustee5.8.0.p0.10/meta/../PG_DB/opt/postgres/9.3/bin/postmaster -D /var/lib/keytrustee/db postmaster cannot access the server configuration file "/var/lib/keytrustee/db/postgresql.conf": No such file or directory The folder /var/lib/keytrustee/db/ is actually empty. I tried to copy files missed from the active database, but got the following error: FATAL: could not load server certificate file "server.crt": No such file or directory I don't sure where to find the file "server.crt" 2. The command "keytrustee-orgtool add -n my.com -c root@localhost" always hangs when setuping organization and authorization secret for KMS, even if pressed "ctrl+c" keys can not also interrupt it. Of course, the result to execute "keytrustee-orgtool list" is empty. I don't sure whether there is a relation between the two probelems. Any ideas can be appreciated!
... View more