[ https://issues.apache.org/jira/browse/HADOOP-15519?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gabor Bota resolved HADOOP-15519. --------------------------------- Resolution: Duplicate > KMS fails to read the existing key metadata after upgrading to JDK 1.8u171 > --------------------------------------------------------------------------- > > Key: HADOOP-15519 > URL: https://issues.apache.org/jira/browse/HADOOP-15519 > Project: Hadoop Common > Issue Type: Bug > Components: kms > Affects Versions: 2.7.3 > Reporter: Vipin Rathor > Priority: Critical > > Steps to reproduce are: > a. Setup a KMS with any OpenJDK 1.8 before u171 and create few KMS keys. > b. Update KMS to run with OpenJDK 1.8u171 JDK and keys can't be read > anymore, as can be seen below > {code:java} > hadoop key list -metadata > <keyname> : null > {code} > c. Going back to earlier JDK version fixes the issue. > > There are no direct error / stacktrace in kms.log when it is not able to read > the key metadata. Only Java serialization INFO messages are printed, followed > by this one empty line in log which just says: > {code:java} > ERROR RangerKeyStore - > {code} > In some cases, kms.log can also have these lines: > {code:java} > 2018-05-18 10:40:46,438 DEBUG RangerKmsAuthorizer - <== > RangerKmsAuthorizer.assertAccess(null, rangerkms/node1.host....@env.com > (auth:KERBEROS), GET_METADATA) > 2018-05-18 10:40:46,598 INFO serialization - ObjectInputFilter REJECTED: > class org.apache.hadoop.crypto.key.RangerKeyStoreProvider$KeyMetadata, array > length: -1, nRefs: 1, depth: 1, bytes: 147, ex: n/a > 2018-05-18 10:40:46,598 ERROR RangerKeyStore - > {code} -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org