[
https://issues.apache.org/jira/browse/HADOOP-15519?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Gabor Bota resolved HADOOP-15519.
---------------------------------
Resolution: Duplicate
> KMS fails to read the existing key metadata after upgrading to JDK 1.8u171
> ---------------------------------------------------------------------------
>
> Key: HADOOP-15519
> URL: https://issues.apache.org/jira/browse/HADOOP-15519
> Project: Hadoop Common
> Issue Type: Bug
> Components: kms
> Affects Versions: 2.7.3
> Reporter: Vipin Rathor
> Priority: Critical
>
> Steps to reproduce are:
> a. Setup a KMS with any OpenJDK 1.8 before u171 and create few KMS keys.
> b. Update KMS to run with OpenJDK 1.8u171 JDK and keys can't be read
> anymore, as can be seen below
> {code:java}
> hadoop key list -metadata
> <keyname> : null
> {code}
> c. Going back to earlier JDK version fixes the issue.
>
> There are no direct error / stacktrace in kms.log when it is not able to read
> the key metadata. Only Java serialization INFO messages are printed, followed
> by this one empty line in log which just says:
> {code:java}
> ERROR RangerKeyStore -
> {code}
> In some cases, kms.log can also have these lines:
> {code:java}
> 2018-05-18 10:40:46,438 DEBUG RangerKmsAuthorizer - <==
> RangerKmsAuthorizer.assertAccess(null, rangerkms/node1.host....@env.com
> (auth:KERBEROS), GET_METADATA)
> 2018-05-18 10:40:46,598 INFO serialization - ObjectInputFilter REJECTED:
> class org.apache.hadoop.crypto.key.RangerKeyStoreProvider$KeyMetadata, array
> length: -1, nRefs: 1, depth: 1, bytes: 147, ex: n/a
> 2018-05-18 10:40:46,598 ERROR RangerKeyStore -
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org
