This is an automated email from the ASF dual-hosted git repository.
dhavalshah9131 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new a82ec7b49 RANGER-5199 : Connection to Ranger KMS DB fails with secure
MySQL/maria DB (#562)
a82ec7b49 is described below
commit a82ec7b49d8f5b590fbd8a84e55a213b8cba6047
Author: dhavalshah9131 <35031652+dhavalshah9...@users.noreply.github.com>
AuthorDate: Mon May 12 14:10:04 2025 +0530
RANGER-5199 : Connection to Ranger KMS DB fails with secure MySQL/maria DB
(#562)
---
.../java/org/apache/hadoop/crypto/key/RangerKMSDB.java | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKMSDB.java
b/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKMSDB.java
index 54aa97107..7fa19e723 100755
--- a/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKMSDB.java
+++ b/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKMSDB.java
@@ -162,7 +162,8 @@ private int getDBFlavor(Configuration newConfig) {
private void updateDBSSLURL() {
if (conf != null && conf.get(PROPERTY_PREFIX + DB_SSL_ENABLED) !=
null) {
final String dbSslEnabled = normalize(conf.get(PROPERTY_PREFIX +
DB_SSL_ENABLED));
-
+ String rangerJpaJdbcUrl = conf.get(PROPERTY_PREFIX + DB_URL);
+ int dbFlavor = getDBFlavor(conf);
if ("true".equalsIgnoreCase(dbSslEnabled)) {
final String dbSslRequired =
normalize(conf.get(PROPERTY_PREFIX + DB_SSL_REQUIRED));
final String dbSslVerifyServerCertificate =
normalize(conf.get(PROPERTY_PREFIX + DB_SSL_VerifyServerCertificate));
@@ -173,13 +174,9 @@ private void updateDBSSLURL() {
conf.set(PROPERTY_PREFIX + DB_SSL_VerifyServerCertificate,
dbSslVerifyServerCertificate);
conf.set(PROPERTY_PREFIX + DB_SSL_AUTH_TYPE, dbSslAuthType);
- String rangerJpaJdbcUrl = conf.get(PROPERTY_PREFIX + DB_URL);
-
if (StringUtils.isNotEmpty(rangerJpaJdbcUrl) &&
!rangerJpaJdbcUrl.contains("?")) {
StringBuilder rangerJpaJdbcUrlSsl = new
StringBuilder(rangerJpaJdbcUrl);
- int dbFlavor = getDBFlavor(conf);
-
if (dbFlavor == DB_FLAVOR_MYSQL) {
rangerJpaJdbcUrlSsl.append("?useSSL=").append(dbSslEnabled)
.append("&requireSSL=").append(dbSslRequired)
@@ -244,6 +241,15 @@ private void updateDBSSLURL() {
logger.debug("truststore property '{}' value not
found!", PROPERTY_PREFIX + DB_SSL_TRUSTSTORE);
}
}
+ } else {
+ if(dbFlavor == DB_FLAVOR_MYSQL){
+ if(StringUtils.isNotEmpty(rangerJpaJdbcUrl) &&
!rangerJpaJdbcUrl.contains("?")) {
+ rangerJpaJdbcUrl = rangerJpaJdbcUrl + "?useSSL=" +
dbSslEnabled;
+ conf.set(PROPERTY_PREFIX + DB_URL, rangerJpaJdbcUrl);
+ jpaProperties.put(JPA_DB_URL, conf.get(PROPERTY_PREFIX
+ DB_URL));
+ }
+ }
+
logger.info(PROPERTY_PREFIX+DB_URL+"="+conf.get(PROPERTY_PREFIX + DB_URL));
}
}
}
