[
https://issues.apache.org/jira/browse/AMBARI-16717?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jonathan Hurley updated AMBARI-16717:
-------------------------------------
Resolution: Fixed
Status: Resolved (was: Patch Available)
> Knox Gateway Uses Wrong Keystore After Upgrade
> ----------------------------------------------
>
> Key: AMBARI-16717
> URL: https://issues.apache.org/jira/browse/AMBARI-16717
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server
> Affects Versions: 2.1.0
> Reporter: Jonathan Hurley
> Assignee: Jonathan Hurley
> Priority: Critical
> Fix For: 2.4.0
>
> Attachments: AMBARI-16717.patch
>
>
> When upgrading Knox, the {{data}} directory and its security artifacts are
> not copied over to the "versioned" data directory. This causes the
> {{gateway.jks}} keystore to be automatically re-generated. If the
> installation was using a custom keystore/certificate, then this will cause
> connections to be rejected after a successful startup.
> {code:title=Knox 2.2 -> 2.3.0.0}
> /usr/hdp/current/knox-server/data -> /var/lib/knox/data
> {code}
> {code:title=Knox 2.3.2.0+}
> /usr/hdp/current/knox-server/data -> /var/lib/knox/data-2.3.2.0-1234
> {code}
> As a result, after upgrading the {{/var/lib/knox/data-2.3.2.0-1234}} does not
> contain any of the security artifacts from the prior version.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
