Member since
10-23-2019
11
Posts
2
Kudos Received
0
Solutions
01-22-2020
07:37 AM
1 Kudo
@lyubomirangelo Thank you! Going through the wizard (ambari-server setup-security) fixed my issue. I just needed to point to the new key and certificate chain file, then restart.
... View more
01-21-2020
08:39 AM
The node certificates on my cluster are expiring soon so I have installed new ones, including on the node that has ambari-server. However, after restarting ambari server, ambari agent, and even the node itself, the old certificate still shows. I've tried also clearing cache and cookies for all time on my browser, but it doesn't work and the old cert even shows up on IE. I've tried the same methodology for other nodes in the cluster and it has worked, so why isn't it working for the ambari node? (ambari-server is set up through an https port)
... View more
Labels:
- Labels:
-
Apache Ambari
-
Apache Hadoop
01-17-2020
03:39 PM
1 Kudo
I just recently imported a certificate chain into the keystore that NiFi points to, on 3 NiFi nodes, call them node1, node2 and node3. The truststore.jks file so far has been unedited. Testing out the SSL handshakes between nodes, I get: SSL handshake has read 4537 bytes and written 495 bytes
...
return code: 0 (ok) Executed from node 2 requesting node 1 (using the same port configured in NiFi SSL settings in Ambari) Similarly other combinations also were successful, (node1 -> node2, node3 -> node1, etc.) However, when after the certificate import and then restarting NiFi, trying the NiFi UI, it shows that the cluster has been disconnected. Furthermore, it shows that the SSL handshakes are failing: Attempt to contact NiFi Node https://node2:port/nifi did not complete due to exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Attempt to contact NiFi Node https://node3:port/nifi did not complete due to exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target Attempt to contact NiFi Node https://node1:port/nifi did not complete due to exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. What is going on here? Why isn't the SSL handshake working through NiFi?
... View more
Labels:
- Labels:
-
Apache Ambari
-
Apache NiFi