[
https://issues.apache.org/jira/browse/MAPREDUCE-4669?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13458927#comment-13458927
]
Alejandro Abdelnur commented on MAPREDUCE-4669:
-----------------------------------------------
An approach would be do get the user to provide the keystore for its AM via
distributed cached.
> MRAM web UI over HTTPS does not work with Kerberos security enabled
> -------------------------------------------------------------------
>
> Key: MAPREDUCE-4669
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-4669
> Project: Hadoop Map/Reduce
> Issue Type: Bug
> Components: mr-am
> Affects Versions: 2.0.3-alpha
> Reporter: Alejandro Abdelnur
> Assignee: Alejandro Abdelnur
>
> With Kerberos enable, the MRAM runs as the user that submitted the job, thus
> the MRAM process cannot read the cluster keystore files to get the
> certificates to start its HttpServer using HTTPS.
> We need to decouple the keystore used by RM/NM/NN/DN (which are cluster
> provided) from the keystore used by AMs (which ought to be user provided).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
