Member since
12-18-2019
3
Posts
0
Kudos Received
1
Solution
My Accepted Solutions
Title | Views | Posted |
---|---|---|
2048 | 12-19-2019 07:48 AM |
12-19-2019
07:48 AM
Hi , When i passed to level3 .all seems good and well-configured . The error is not been re-showen again . Thanks.
... View more
12-19-2019
03:28 AM
Hi , Thanks for your support and all cloudera team. i resolved that by ,adding my rootca to my cloudera keystore and trustore .Then i reconfigured the agent config.ini to point to the rootca.pem . But when i inspect host i got this error .(i am using cdh 6.1.1 on ubuntu 16.04)
... View more
12-18-2019
07:59 AM
Hi ,
I am running free trial cloudera in pseudo-distributed mod (One host, the server and agent are the same).i am trying now to enable tls/ssl for my cluster
-Level 1 succedeed https://datastore.xxx.fr:7183 tuns correctly with no problem
When i configure level N2 of tls/ssl ,cloudera manager agent fails to connect !.
In CM server fails to have heartbeat:
when i checked :tail -f /var/log/cloudera-scm-agent/cloudera-scm-agent.log
I got ERROR :
File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/M2Crypto/SSL/Connection.py", line 292, in connect_ssl return m2.ssl_connect(self.ssl, self._timeout) SSLError: certificate verify failed
The agent config files :
server_host=datastore.xxx.fr
server_port=7182
# Use TLS and certificate validation when connecting to the CM server. use_tls=1
max_cert_depth=9
verify_cert_file=/opt/cloudera/security/x509/cmhost.pem
---the cmhost.pem get my certifcate correctly
---when i run :
sudo openssl s_client -connect datastore.xxx.fr:7182 < /opt/cloudera/security/x509/cmhost.pem
i got :
CONNECTED(00000003) depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 verify return:1 depth=0 CN = xxx.fr verify return:1 --- Certificate chain 0 s:/CN=xxx.fr i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 i:/O=Digital Signature Trust Co./CN=DST Root CA X3
........
........
Verify return code: 0 (ok) --- DONE
?
... View more
Labels:
- Labels:
-
Cloudera Manager