[
https://issues.apache.org/jira/browse/AMBARI-11919?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14617542#comment-14617542
]
Velmurugan Periasamy commented on AMBARI-11919:
-----------------------------------------------
Thanks [~srimanth.gunturi]. Verified the below with the patch
1] Updated {{kms_port}} and verified right recommendations are generated and
HDFS config values persisted in {{hadoop.security.key.provider.path}} and
{{dfs.encryption.key.provider.uri}}
2] Enabled SSL for KMS (changed {{ranger.service.https.attrib.ssl.enabled}})
and verified right recommendations are generated and HDFS config values
persisted in {{hadoop.security.key.provider.path}} and
{{dfs.encryption.key.provider.uri}}
> After wire encryption, KMS client config (hdfs-site.xml and core-site.xml)
> should be updated to include https in URI
> --------------------------------------------------------------------------------------------------------------------
>
> Key: AMBARI-11919
> URL: https://issues.apache.org/jira/browse/AMBARI-11919
> Project: Ambari
> Issue Type: Bug
> Components: contrib
> Affects Versions: 2.1.0
> Reporter: Srimanth Gunturi
> Assignee: Srimanth Gunturi
> Fix For: 2.1.0
>
> Attachments: AMBARI-11919.patch, AMBARI-11919_2.patch
>
>
> {{hadoop.security.key.provider.path (in core-site.xml)}} and
> {{dfs.encryption.key.provider.uri (in hdfs-site.xml)}} should be updated to
> include https in the URI, when Ranger KMS is SSL enabled.
> When SSL is enabled for Ranger KMS,
> {{ranger.service.https.attrib.ssl.enabled}} will be true in KMS config (in
> Custom ranger-kms-site section)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
