[
https://issues.apache.org/jira/browse/RANGER-1288?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Velmurugan Periasamy updated RANGER-1288:
-----------------------------------------
Fix Version/s: 0.7.0
> Add SSL enabled MySQL support in Ranger Admin
> ---------------------------------------------
>
> Key: RANGER-1288
> URL: https://issues.apache.org/jira/browse/RANGER-1288
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
> Affects Versions: 0.7.0
> Reporter: Pradeep Agrawal
> Assignee: Pradeep Agrawal
> Fix For: 0.7.0
>
> Attachments: RANGER-1288-1.patch
>
>
> *Problem Statement :* Ranger can not communicate to ssl enabled MySQL server
> *Associated error message :* Ranger DB script fails to communicate with the
> DB with sql AccessContronlException.
> *Proposed Solution :* JDBC connection string could be :
> "jdbc:mysql://127.0.0.1:3306/ranger?verifyServerCertificate=false&useSSL=true&requireSSL=true".
> The 'useSSL=true' property is added to the JDBC URL to attempt to communicate
> via SSL.
> The 'verifyServerCerticate=false' property is set to bypass certificate
> validation.
> The 'requireSSL=true' property is set to refuse to connect if the MySQL
> server does not support SSL. If user want to connect using truststore then he
> can configure truststore files(certificate information for the mysql server
> and client both).
> Ranger application and jisql utility should know from where to pick the
> certificates which can be set in System properties like this :
> -Djavax.net.ssl.keyStore=path_to_keystore_file
> -Djavax.net.ssl.keyStorePassword=password
> -Djavax.net.ssl.trustStore=path_to_truststore_file
> -Djavax.net.ssl.trustStorePassword=password
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
