[
https://issues.apache.org/jira/browse/HADOOP-17699?focusedWorklogId=597927&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-597927
]
ASF GitHub Bot logged work on HADOOP-17699:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 17/May/21 18:12
Start Date: 17/May/21 18:12
Worklog Time Spent: 10m
Work Description: xiaoyuyao opened a new pull request #3016:
URL: https://github.com/apache/hadoop/pull/3016
## NOTICE
Please create an issue in ASF JIRA before opening a pull request,
and you need to set the title of the pull request which starts with
the corresponding JIRA issue number. (e.g. HADOOP-XXXXX. Fix a typo in YYY.)
For more details, please see
https://cwiki.apache.org/confluence/display/HADOOP/How+To+Contribute
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 597927)
Time Spent: 50m (was: 40m)
> Remove hardcoded SunX509 usage from SSLFactory
> ----------------------------------------------
>
> Key: HADOOP-17699
> URL: https://issues.apache.org/jira/browse/HADOOP-17699
> Project: Hadoop Common
> Issue Type: Bug
> Reporter: Xiaoyu Yao
> Assignee: Xiaoyu Yao
> Priority: Major
> Labels: pull-request-available
> Time Spent: 50m
> Remaining Estimate: 0h
>
> In SSLFactory.SSLCERTIFICATE, used by FileBasedKeyStoresFactory and
> ReloadingX509TrustManager, there is a hardcoded reference to "SunX509" which
> is used to get a KeyManager/TrustManager. This KeyManager type might not be
> available if using the other JSSE providers, e.g., in FIPS deployment.
>
> {code:java}
> WARN org.apache.hadoop.hdfs.web.URLConnectionFactory: Cannot load customized
> ssl related configuration. Fall
> back to system-generic settings.
> java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not
> available
> at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
> at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:137)
> at
> org.apache.hadoop.security.ssl.FileBasedKeyStoresFactory.init(FileBasedKeyStoresFactory.java:186)
> at org.apache.hadoop.security.ssl.SSLFactory.init(SSLFactory.java:187)
> at
> org.apache.hadoop.hdfs.web.SSLConnectionConfigurator.<init>(SSLConnectionConfigurator.java:50)
> at
> org.apache.hadoop.hdfs.web.URLConnectionFactory.getSSLConnectionConfiguration(URLConnectionFactory.java:100)
> at
> org.apache.hadoop.hdfs.web.URLConnectionFactory.newDefaultURLConnectionFactory(URLConnectionFactory.java:79)
> {code}
> This ticket is opened to use the DefaultAlgorithm defined by Java system
> property:
> ssl.KeyManagerFactory.algorithm and ssl.TrustManagerFactory.algorithm.
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
