[jira] [Updated] (RANGER-2034) When ranger.ks.masterkey.password mismatch with DB store hash it outputs into catalina.out

Ernani Pereira de Mattos Junior (JIRA) Thu, 22 Mar 2018 12:51:22 -0700

     [ 
https://issues.apache.org/jira/browse/RANGER-2034?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Ernani Pereira de Mattos Junior updated RANGER-2034:
----------------------------------------------------
    Description: 
After unsuccessful migration of Ranger KMS from DB to HSM, the 
ranger.ks.masterkey.password mismatched and thrown the following stack trace; 

 
{code:java}
java.io.IOException: Keystore was tampered with, or password was incorrect 
at 
org.apache.hadoop.crypto.key.RangerKeyStore.engineLoad(RangerKeyStore.java:393) 
at 
org.apache.hadoop.crypto.key.RangerKeyStoreProvider.loadKeys(RangerKeyStoreProvider.java:151)
 
at 
org.apache.hadoop.crypto.key.RangerKeyStoreProvider.reloadKeys(RangerKeyStoreProvider.java:382)
 
at 
org.apache.hadoop.crypto.key.RangerKeyStoreProvider.<init>(RangerKeyStoreProvider.java:111)
 
at 
org.apache.hadoop.crypto.key.RangerKeyStoreProvider$Factory.createProvider(RangerKeyStoreProvider.java:399)
 
at 
org.apache.hadoop.crypto.key.KeyProviderFactory.get(KeyProviderFactory.java:95) 
at 
org.apache.hadoop.crypto.key.kms.server.KMSWebApp.contextInitialized(KMSWebApp.java:177)
 
at 
org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:5110)
 
at 
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5633)
 
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:145) 
at 
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1694) 
at 
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1684) 
at java.util.concurrent.FutureTask.run(FutureTask.java:266) 
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
at java.lang.Thread.run(Thread.java:745) 
Caused by: java.security.UnrecoverableKeyException: Password verification 
failed 
at 
org.apache.hadoop.crypto.key.RangerKeyStore.engineLoad(RangerKeyStore.java:391) 
... 15 more 

ERROR: Hadoop KMS could not be started 
{code}
 

 

The problem that I am bringing to your attention is clearly this is an 
Application Exception. This exception is being output to catalina.out, and the 
kms.log does not indicate any trace of what happen, even with DEBUG enabled. 

My request is to copy or redirect this Application UnrecoverableKeyException to 
the configured Application logging, in this case the kms.log. 

 

  was:
After unsuccessful migration of Ranger KMS from DB to HSM, the 
ranger.ks.masterkey.password mismatched and thrown the following stack trace; 

 
{code:java}
java.io.IOException: Keystore was tampered with, or password was incorrect 
at 
org.apache.hadoop.crypto.key.RangerKeyStore.engineLoad(RangerKeyStore.java:393) 
at 
org.apache.hadoop.crypto.key.RangerKeyStoreProvider.loadKeys(RangerKeyStoreProvider.java:151)
 
at 
org.apache.hadoop.crypto.key.RangerKeyStoreProvider.reloadKeys(RangerKeyStoreProvider.java:382)
 
at 
org.apache.hadoop.crypto.key.RangerKeyStoreProvider.<init>(RangerKeyStoreProvider.java:111)
 
at 
org.apache.hadoop.crypto.key.RangerKeyStoreProvider$Factory.createProvider(RangerKeyStoreProvider.java:399)
 
at 
org.apache.hadoop.crypto.key.KeyProviderFactory.get(KeyProviderFactory.java:95) 
at 
org.apache.hadoop.crypto.key.kms.server.KMSWebApp.contextInitialized(KMSWebApp.java:177)
 
at 
org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:5110)
 
at 
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5633)
 
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:145) 
at 
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1694) 
at 
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1684) 
at java.util.concurrent.FutureTask.run(FutureTask.java:266) 
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
at java.lang.Thread.run(Thread.java:745) 
Caused by: java.security.UnrecoverableKeyException: Password verification 
failed 
at 
org.apache.hadoop.crypto.key.RangerKeyStore.engineLoad(RangerKeyStore.java:391) 
... 15 more 

ERROR: Hadoop KMS could not be started 
{code}
 

 

The problem that I was to bring up, is this is clearly an Application 
Exception. This exception is being output to catalina.out, and the kms.log does 
not indicate any trace of what happen, even with DEBUG enabled. 

My request is to copy or redirect this Application UnrecoverableKeyException to 
the configured Application logging, in this case the kms.log. 

 


> When ranger.ks.masterkey.password mismatch with DB store hash it outputs into 
> catalina.out
> ------------------------------------------------------------------------------------------
>
>                 Key: RANGER-2034
>                 URL: https://issues.apache.org/jira/browse/RANGER-2034
>             Project: Ranger
>          Issue Type: Bug
>          Components: Ranger
>    Affects Versions: 0.7.2
>         Environment: HDP-2.6.3 -  Apache Ranger 0.7.0 
>            Reporter: Ernani Pereira de Mattos Junior
>            Priority: Minor
>              Labels: easyfix
>
> After unsuccessful migration of Ranger KMS from DB to HSM, the 
> ranger.ks.masterkey.password mismatched and thrown the following stack trace; 
>  
> {code:java}
> java.io.IOException: Keystore was tampered with, or password was incorrect 
> at 
> org.apache.hadoop.crypto.key.RangerKeyStore.engineLoad(RangerKeyStore.java:393)
>  
> at 
> org.apache.hadoop.crypto.key.RangerKeyStoreProvider.loadKeys(RangerKeyStoreProvider.java:151)
>  
> at 
> org.apache.hadoop.crypto.key.RangerKeyStoreProvider.reloadKeys(RangerKeyStoreProvider.java:382)
>  
> at 
> org.apache.hadoop.crypto.key.RangerKeyStoreProvider.<init>(RangerKeyStoreProvider.java:111)
>  
> at 
> org.apache.hadoop.crypto.key.RangerKeyStoreProvider$Factory.createProvider(RangerKeyStoreProvider.java:399)
>  
> at 
> org.apache.hadoop.crypto.key.KeyProviderFactory.get(KeyProviderFactory.java:95)
>  
> at 
> org.apache.hadoop.crypto.key.kms.server.KMSWebApp.contextInitialized(KMSWebApp.java:177)
>  
> at 
> org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:5110)
>  
> at 
> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5633)
>  
> at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:145) 
> at 
> org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1694)
>  
> at 
> org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1684)
>  
> at java.util.concurrent.FutureTask.run(FutureTask.java:266) 
> at 
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>  
> at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>  
> at java.lang.Thread.run(Thread.java:745) 
> Caused by: java.security.UnrecoverableKeyException: Password verification 
> failed 
> at 
> org.apache.hadoop.crypto.key.RangerKeyStore.engineLoad(RangerKeyStore.java:391)
>  
> ... 15 more 
> ERROR: Hadoop KMS could not be started 
> {code}
>  
>  
> The problem that I am bringing to your attention is clearly this is an 
> Application Exception. This exception is being output to catalina.out, and 
> the kms.log does not indicate any trace of what happen, even with DEBUG 
> enabled. 
> My request is to copy or redirect this Application UnrecoverableKeyException 
> to the configured Application logging, in this case the kms.log. 
>  



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (RANGER-2034) When ranger.ks.masterkey.password mismatch with DB store hash it outputs into catalina.out

Reply via email to