Cloudera Community
pbhagade
user rank
user rank
Expert Contributor
My Accepted Solutions
Show All

Re: Error 403 Unauthorized request in Solr Admin U...

by Explorer in Support Questions
‎11-02-2022 07:06 AM
‎11-02-2022 07:06 AM
got the same error, have you found the solution. ... View more

Re: Apache Ranger and Atlas

by Explorer in Support Questions
‎02-07-2022 06:21 AM
‎02-07-2022 06:21 AM
Thank you very much   ... View more

Re: Not able to upload a simple file using Ambari ...

by Contributor in Support Questions
‎01-20-2022 02:44 PM
‎01-20-2022 02:44 PM
@pbhagade Could you please give us the procedure to follow? It issue started to append after changing expired cetificat installed on each hosts of the hadoop cluster. The certicats were renewed but it seems that multiple service on the cluster are acting different and are generating error message like the one below: 2022-01-19 14:09:28,000 WARN AuthenticationToken ignored: org.apache.hadoop.security.authentication.util.SignerException: Invalid signature 2022-01-19 14:09:28,000 WARN Authentication exception: GSSException: Failure unspecified at GSS-API level (Mechanism level: Invalid argument (400) - Cannot find key of appropriate type to decrypt AP REP - RC4 with HMAC)   ... View more

Re: Connection failed on HIVE server

by Expert Contributor Expert Contributor in Support Questions
‎01-20-2022 03:31 AM
‎01-20-2022 03:31 AM
Did u see these alerts once you enabled SSL in the cluster? ... View more

Re: Ranger: Error running solr query

by Expert Contributor Expert Contributor in Support Questions
‎12-01-2021 03:01 AM
‎12-01-2021 03:01 AM
Increase Solr Heap and restart the service, See if it fixes the issue ... View more

Re: Ranger KMS + why files that copy to encrypted ...

by Expert Contributor Expert Contributor in Support Questions
‎12-01-2021 02:55 AM
‎12-01-2021 02:55 AM
HI @mike_bronson7 , Please go through the link https://www.youtube.com/watch?v=GjswCzMaW9k Let us know if you have any concerns. ... View more

Re: Add Users to Ranger via RESTAPI

by Expert Contributor Expert Contributor in Support Questions
‎11-29-2021 01:52 AM
1 Kudo
‎11-29-2021 01:52 AM
1 Kudo
Yes, you need to add one user at a time, You cannot add multiple users in a single JSON file. ... View more

Re: How to configure Zeppelin for Active Directory...

by Cloudera Employee in Community Articles
‎11-17-2021 07:20 AM
‎11-17-2021 07:20 AM
Please try the below steps, this can happen if /tmp mount point is mounted with noexec option... - Create a new directory under any directory(ex /data/tmp) with exec permission and to test provide 777 permissions for newly created dir. - Update the config in zeppelin config as below and restart the zeppelin. CM UI --> Zeppelin --> Config --> "Zeppelin Server Advanced Configuration Snippet (Safety Valve) for zeppelin-conf/zeppelin-env.sh" --> Add export ZEPPELIN_JAVA_OPTS="-Djava.io.tmpdir=<directory name>" example: export ZEPPELIN_JAVA_OPTS="-Djava.io.tmpdir=/data/tmp" - Save changes and restart zeppelin server and verify the login   ... View more

Re: ambari server not running

by Expert Contributor Expert Contributor in Support Questions
‎08-20-2019 03:25 AM
1 Kudo
‎08-20-2019 03:25 AM
1 Kudo
Hi,   We don't share personal information like contacts, As you are facing Ambari Server issue and Agents issue is resolved, Please open a new question for Ambari Server, Also, check the Ambari Server logs you see some exceptions, attach those exceptions. ... View more

Replace Cloudbreak Mini Knox self-signed certifica...

by Expert Contributor Expert Contributor in Community Articles
‎10-05-2017 01:06 PM
2 Kudos
‎10-05-2017 01:06 PM
2 Kudos
Cloudbreak contains mini KNOX which is not managed by Ambari. Below are the steps to replace Self Signed Certificate with CA Signed Certificates Step 1: Remove below two entries from /usr/hdp/current/knox-server/conf/gateway-site.xml and save it. <property> <name>gateway.signing.keystore.name</name> <value>signing.jks</value> </property> <property> <name>gateway.signing.key.alias</name> <value>signing-identity</value> </property> Step 2: Take a backup of original configuration: [~]$ cd /usr/hdp/current/knox-server/data/security/keystores/ [~]$ mkdir backup [~]$ mv __gateway-credentials.jceks gateway.jks backup/ Step 3: Create a keystore in PKCS12 format from your private key file, certificate, Intermediate certificate and root certificate [~]$ openssl pkcs12 -export -out corp_cert_chain.pfx -inkey <private-key>.key -in <cert.cer> -certfile <root_intermediate>.cer -certfile <root_ca>.cer Step 4: Regenerate Master Key. Use the same password for master key and keystore. # rm -rf /usr/hdp/current/knox-server/data/security/master # ls -l /usr/hdp/current/knox-server/data/security/master # /usr/hdp/current/knox-server/bin/knoxcli.sh create-master Step 5: Generate Knox keystore [~]$ cp corp_cert_chain.pfx /usr/hdp/current/knox-server/data/security/keystores/ [~]$ cd /usr/hdp/current/knox-server/data/security/keystores/ [~]$ keytool -importkeystore -srckeystore corp_cert_chain.pfx -srcstoretype pkcs12 -destkeystore gateway.jks -deststoretype jks -srcstorepass <src-keystore-password> -deststorepass <knox-master-secret> -destkeypass <knox-master-secret> Step 6: Replace the alias of keystore keytool -changealias -alias "1" -destalias "gateway-identity" -keypass keypass -keystore gateway.jks-storepass storepass Step 7: Store the keystore password in jceks file [~]$ /usr/hdp/current/knox-server/bin/knoxcli.sh create-alias gateway-identity-passphrase --value <knox-master-secret> Step 8: Restart Knox, you should see the below-highlighted lines in your knox logs [~]$ tail –f /var/log/knox/gateway.log ... View more
Contact Me
Online
Offline
Last Visited
‎04-06-2022 06:29 AM
Community Statistics
Member Since ‎05-22-2017 08:41 AM
Last Visited ‎04-06-2022 06:29 AM
Posts 56
Kudos received 12