----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74047/#review224542 -----------------------------------------------------------
Ship it! Ship It! - Madhan Neethiraj On July 6, 2022, 1:09 p.m., Pinal Shah wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74047/ > ----------------------------------------------------------- > > (Updated July 6, 2022, 1:09 p.m.) > > > Review request for atlas, Jayendra Parab, Mandar Ambawane, Radhika Kundam, > and Sidharth Mishra. > > > Bugs: ATLAS-4558 > https://issues.apache.org/jira/browse/ATLAS-4558 > > > Repository: atlas > > > Description > ------- > > **Issue :** When tls is enabled, while running atlasrepair tool, it couldn't > connect to solr because it is unable to find valid certification > > **Fix :** By creating SSLContext > > **Steps :** > > If Kerberos is enabled, > > - kinit -kt /etc/security/keytabs/atlas.service.keytab atlas/fqdn@DOMAIN > - Add below to DEFAULT_JVM_OPTS in repair_index.py > -Djavax.security.auth.useSubjectCredsOnly=false > -Djava.security.auth.login.config=atlas_jaas.conf > > If SSL is enabled, we need to make sure Solr cert or RootCA certificate is > added hence use below atlas-application properties > > - keystore.file <path to keystore jks file> > - truststore.file <path to truststore jks file> > - cert.stores.credential.provider.path <path to jceks file> > > > Diffs > ----- > > intg/src/main/java/org/apache/atlas/utils/SSLUtil.java PRE-CREATION > > tools/atlas-index-repair/src/main/java/org/apache/atlas/tools/RepairIndex.java > 37565188e > > > Diff: https://reviews.apache.org/r/74047/diff/1/ > > > Testing > ------- > > Manually tested on SSL enabled cluster > > > Thanks, > > Pinal Shah > >
