[
https://issues.apache.org/jira/browse/AMBARI-11919?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Srimanth Gunturi reopened AMBARI-11919:
---------------------------------------
The values do not get updated when {{kms-env/kms_port}} is changed. Also,
currently we give priority to {{hadoop-env/keyserver_host}} and
{{hadoop-env/keyserver_port}} even when Ranger-KMS service is installed. This
has to be changed to give priority to Ranger-KMS over hadoop-env configs.
> After wire encryption, KMS client config (hdfs-site.xml and core-site.xml)
> should be updated to include https in URI
> --------------------------------------------------------------------------------------------------------------------
>
> Key: AMBARI-11919
> URL: https://issues.apache.org/jira/browse/AMBARI-11919
> Project: Ambari
> Issue Type: Bug
> Components: contrib
> Affects Versions: 2.1.0
> Reporter: Srimanth Gunturi
> Assignee: Srimanth Gunturi
> Fix For: 2.1.0
>
> Attachments: AMBARI-11919.patch
>
>
> {{hadoop.security.key.provider.path (in core-site.xml)}} and
> {{dfs.encryption.key.provider.uri (in hdfs-site.xml)}} should be updated to
> include https in the URI, when Ranger KMS is SSL enabled.
> When SSL is enabled for Ranger KMS,
> {{ranger.service.https.attrib.ssl.enabled}} will be true in KMS config (in
> Custom ranger-kms-site section)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
