[
https://issues.apache.org/jira/browse/HADOOP-15315?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16399151#comment-16399151
]
Ganesh commented on HADOOP-15315:
---------------------------------
{code}
/*
* Should SSL be used to connect to the server
*/
public static final String LDAP_USE_SSL_KEY = LDAP_CONFIG_PREFIX + ".ssl";
in setConf:
useSsl = conf.getBoolean(LDAP_USE_SSL_KEY, LDAP_USE_SSL_DEFAULT);
// we set this to true in our config (core-site.xml)
keystore = conf.get(LDAP_KEYSTORE_KEY, LDAP_KEYSTORE_DEFAULT);
keystorePass = getPassword(conf, LDAP_KEYSTORE_PASSWORD_KEY,
LDAP_KEYSTORE_PASSWORD_DEFAULT);
in getDirContext
// Set up SSL security, if necessary
if (useSsl)
{ env.put(Context.SECURITY_PROTOCOL, "ssl");
System.setProperty("javax.net.ssl.keyStore", keystore);
System.setProperty("javax.net.ssl.keyStorePassword", keystorePass); }
{code}
+++++++++++++
changed in yarn-env.sh (for RM)
YARN_RESOURCEMANAGER_OPTS="...
-Djavax.net.ssl.trustStore=<path-to-keystore.jks>
-Djavax.net.ssl.trustStorePassword=XXXXX"
/etc/init.d/resourcemanager restart
yarn rmadmin -getGroups <myusername>
<myusername> : groupA groupB groupC
> LDAP over SSL does not work with LdapGroupMapping.java
> -------------------------------------------------------
>
> Key: HADOOP-15315
> URL: https://issues.apache.org/jira/browse/HADOOP-15315
> Project: Hadoop Common
> Issue Type: Bug
> Components: common
> Affects Versions: 2.7.4
> Reporter: Ganesh
> Priority: Major
>
> Java System properties for SSL server auth should be
> javax.net.ssl.trustStore and javax.net.ssl.trustStorePassword instead of
> javax.net.ssl.keyStore and javax.net.ssl.keytStorePassword
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
