[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17640788#comment-17640788 ] Janos Makai commented on OOZIE-3674: Thank you :) > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Fix For: 5.3.0 > > Attachments: OOZIE-3674-001.patch, OOZIE-3674-002.patch, > OOZIE-3674-003.patch, OOZIE-3674-004.patch, OOZIE-3674-005.patch, > OOZIE-3674-006.patch, OOZIE-3674-007.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on > by default in the Oozie client, but this could be a new command line > parameter. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17640779#comment-17640779 ] ASF subversion and git services commented on OOZIE-3674: Commit 0f81e0f2db0d9749f58c71f602dbc3d473c1a09a in oozie's branch refs/heads/master from Denes Bodo [ https://gitbox.apache.org/repos/asf?p=oozie.git;h=0f81e0f2d ] OOZIE-3674 Add a --insecure like parameter to Oozie client so it can ignore certificate errors (jmakai via dionusos) > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Attachments: OOZIE-3674-001.patch, OOZIE-3674-002.patch, > OOZIE-3674-003.patch, OOZIE-3674-004.patch, OOZIE-3674-005.patch, > OOZIE-3674-006.patch, OOZIE-3674-007.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on > by default in the Oozie client, but this could be a new command line > parameter. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17640441#comment-17640441 ] Janos Makai commented on OOZIE-3674: I've narrowed down the testing of insecure connection in `TestInsecureConnection` to prevent the IO exceptions during runs, hence preventing the timeouts. [~dionusos] could you please have a check on the latest patch set? The SpotBugs bugs are not related to this change. > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Attachments: OOZIE-3674-001.patch, OOZIE-3674-002.patch, > OOZIE-3674-003.patch, OOZIE-3674-004.patch, OOZIE-3674-005.patch, > OOZIE-3674-006.patch, OOZIE-3674-007.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on > by default in the Oozie client, but this could be a new command line > parameter. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17640296#comment-17640296 ] Hadoop QA commented on OOZIE-3674: -- Testing JIRA OOZIE-3674 Cleaning local git workspace {color:green}+1 PATCH_APPLIES{color} {color:green}+1 CLEAN{color} {color:green}+1 RAW_PATCH_ANALYSIS{color} .{color:green}+1{color} the patch does not introduce any @author tags .{color:green}+1{color} the patch does not introduce any tabs .{color:green}+1{color} the patch does not introduce any trailing spaces .{color:green}+1{color} the patch does not introduce any star imports .{color:green}+1{color} the patch does not introduce any line longer than 132 .{color:green}+1{color} the patch adds/modifies 1 testcase(s) {color:green}+1 RAT{color} .{color:green}+1{color} the patch does not seem to introduce new RAT warnings {color:green}+1 JAVADOC{color} .{color:green}+1{color} Javadoc generation succeeded with the patch .{color:green}+1{color} the patch does not seem to introduce new Javadoc warning(s) {color:green}+1 COMPILE{color} .{color:green}+1{color} HEAD compiles .{color:green}+1{color} patch compiles .{color:green}+1{color} the patch does not seem to introduce new javac warnings {color:red}-1{color} There are [21] new bugs found below threshold in total that must be fixed. .{color:red}-1{color} There are [6] new bugs found below threshold in [core] that must be fixed, listing only the first [5] ones. .You can find the SpotBugs diff here (look for the red and orange ones): core/findbugs-new.html .The top [5] most important SpotBugs errors are: .At BulkJPAExecutor.java:[line 206]: This use of javax/persistence/EntityManager.createQuery(Ljava/lang/String;)Ljavax/persistence/Query; can be vulnerable to SQL/JPQL injection .At BulkJPAExecutor.java:[line 176]: At BulkJPAExecutor.java:[line 175] .At BulkJPAExecutor.java:[line 205]: At BulkJPAExecutor.java:[line 199] .This use of javax/persistence/EntityManager.createQuery(Ljava/lang/String;)Ljavax/persistence/Query; can be vulnerable to SQL/JPQL injection: At BulkJPAExecutor.java:[line 206] .At BulkJPAExecutor.java:[line 111]: At BulkJPAExecutor.java:[line 127] .{color:orange}0{color} There are [2] new bugs found in [client] that would be nice to have fixed. .You can find the SpotBugs diff here: client/findbugs-new.html .{color:green}+1{color} There are no new bugs found in [docs]. .{color:green}+1{color} There are no new bugs found in [fluent-job/fluent-job-api]. .{color:orange}0{color} There are [4] new bugs found in [server] that would be nice to have fixed. .You can find the SpotBugs diff here: server/findbugs-new.html .{color:green}+1{color} There are no new bugs found in [examples]. .{color:red}-1{color} There are [15] new bugs found below threshold in [tools] that must be fixed, listing only the first [5] ones. .You can find the SpotBugs diff here (look for the red and orange ones): tools/findbugs-new.html .The top [5] most important SpotBugs errors are: .At OozieDBCLI.java:[line 584]: This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can be vulnerable to SQL injection .At OozieDBCLI.java:[line 574]: At OozieDBCLI.java:[line 573] .At OozieDBCLI.java:[line 577]: At OozieDBCLI.java:[line 575] .At OozieDBCLI.java:[line 579]: At OozieDBCLI.java:[line 578] .At OozieDBCLI.java:[line 584]: At OozieDBCLI.java:[line 581] .{color:green}+1{color} There are no new bugs found in [webapp]. .{color:green}+1{color} There are no new bugs found in [sharelib/distcp]. .{color:green}+1{color} There are no new bugs found in [sharelib/spark]. .{color:green}+1{color} There are no new bugs found in [sharelib/oozie]. .{color:green}+1{color} There are no new bugs found in [sharelib/hcatalog]. .{color:green}+1{color} There are no new bugs found in [sharelib/streaming]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive2]. .{color:green}+1{color} There are no new bugs found in [sharelib/sqoop]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive]. .{color:green}+1{color} There are no new bugs found in [sharelib/pig]. .{color:green}+1{color} There are no new bugs found in [sharelib/git]. {color:green}+1 BACKWARDS_COMPATIBILITY{color} .{color:green}+1{color} the patch does not change any JPA Entity/Colum/Basic/Lob/Transient annotations .{color:green}+1{color} the patch does not modify JPA files {color:green}+1 TESTS{color} .Tests run: 3244 {color:green}+1 DISTRO{color} .{color:green}+1{color} distro tarball builds with the patch {color:green}+1 MODERNIZER{color} {color:red}*-1 Overall result, please check the reported -1(s)*{color} The full output of the te
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17640267#comment-17640267 ] Hadoop QA commented on OOZIE-3674: -- PreCommit-OOZIE-Build started > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Attachments: OOZIE-3674-001.patch, OOZIE-3674-002.patch, > OOZIE-3674-003.patch, OOZIE-3674-004.patch, OOZIE-3674-005.patch, > OOZIE-3674-006.patch, OOZIE-3674-007.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on > by default in the Oozie client, but this could be a new command line > parameter. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17640226#comment-17640226 ] Hadoop QA commented on OOZIE-3674: -- Testing JIRA OOZIE-3674 Cleaning local git workspace {color:green}+1 PATCH_APPLIES{color} {color:green}+1 CLEAN{color} {color:red}-1 RAW_PATCH_ANALYSIS{color} .{color:green}+1{color} the patch does not introduce any @author tags .{color:green}+1{color} the patch does not introduce any tabs .{color:green}+1{color} the patch does not introduce any trailing spaces .{color:green}+1{color} the patch does not introduce any star imports .{color:red}-1{color} the patch contains 2 line(s) longer than 132 characters .{color:green}+1{color} the patch adds/modifies 1 testcase(s) {color:green}+1 RAT{color} .{color:green}+1{color} the patch does not seem to introduce new RAT warnings {color:green}+1 JAVADOC{color} .{color:green}+1{color} Javadoc generation succeeded with the patch .{color:green}+1{color} the patch does not seem to introduce new Javadoc warning(s) {color:green}+1 COMPILE{color} .{color:green}+1{color} HEAD compiles .{color:green}+1{color} patch compiles .{color:green}+1{color} the patch does not seem to introduce new javac warnings {color:red}-1{color} There are [22] new bugs found below threshold in total that must be fixed. .{color:red}-1{color} There are [6] new bugs found below threshold in [core] that must be fixed, listing only the first [5] ones. .You can find the SpotBugs diff here (look for the red and orange ones): core/findbugs-new.html .The top [5] most important SpotBugs errors are: .At BulkJPAExecutor.java:[line 206]: This use of javax/persistence/EntityManager.createQuery(Ljava/lang/String;)Ljavax/persistence/Query; can be vulnerable to SQL/JPQL injection .At BulkJPAExecutor.java:[line 176]: At BulkJPAExecutor.java:[line 175] .At BulkJPAExecutor.java:[line 205]: At BulkJPAExecutor.java:[line 199] .This use of javax/persistence/EntityManager.createQuery(Ljava/lang/String;)Ljavax/persistence/Query; can be vulnerable to SQL/JPQL injection: At BulkJPAExecutor.java:[line 206] .At BulkJPAExecutor.java:[line 111]: At BulkJPAExecutor.java:[line 127] .{color:red}-1{color} There are [1] new bugs found below threshold in [client] that must be fixed. .You can find the SpotBugs diff here (look for the red and orange ones): client/findbugs-new.html .The most important SpotBugs errors are: .At InsecureConnectionHelper.java:[line 64]: SSLContext needs to be compatible with TLS 1.2 .{color:green}+1{color} There are no new bugs found in [docs]. .{color:green}+1{color} There are no new bugs found in [fluent-job/fluent-job-api]. .{color:green}+1{color} There are no new bugs found in [server]. .{color:green}+1{color} There are no new bugs found in [examples]. .{color:red}-1{color} There are [15] new bugs found below threshold in [tools] that must be fixed, listing only the first [5] ones. .You can find the SpotBugs diff here (look for the red and orange ones): tools/findbugs-new.html .The top [5] most important SpotBugs errors are: .At OozieDBCLI.java:[line 584]: This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can be vulnerable to SQL injection .At OozieDBCLI.java:[line 574]: At OozieDBCLI.java:[line 573] .At OozieDBCLI.java:[line 577]: At OozieDBCLI.java:[line 575] .At OozieDBCLI.java:[line 579]: At OozieDBCLI.java:[line 578] .At OozieDBCLI.java:[line 584]: At OozieDBCLI.java:[line 581] .{color:green}+1{color} There are no new bugs found in [webapp]. .{color:green}+1{color} There are no new bugs found in [sharelib/distcp]. .{color:green}+1{color} There are no new bugs found in [sharelib/spark]. .{color:green}+1{color} There are no new bugs found in [sharelib/oozie]. .{color:green}+1{color} There are no new bugs found in [sharelib/hcatalog]. .{color:green}+1{color} There are no new bugs found in [sharelib/streaming]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive2]. .{color:green}+1{color} There are no new bugs found in [sharelib/sqoop]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive]. .{color:green}+1{color} There are no new bugs found in [sharelib/pig]. .{color:green}+1{color} There are no new bugs found in [sharelib/git]. {color:green}+1 BACKWARDS_COMPATIBILITY{color} .{color:green}+1{color} the patch does not change any JPA Entity/Colum/Basic/Lob/Transient annotations .{color:green}+1{color} the patch does not modify JPA files {color:green}+1 TESTS{color} .Tests run: 3244 {color:green}+1 DISTRO{color} .{color:green}+1{color} distro tarball builds with the patch {color:green}+1 MODERNIZER{color} {color:red}*-1 Overall r
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17640162#comment-17640162 ] Hadoop QA commented on OOZIE-3674: -- PreCommit-OOZIE-Build started > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Attachments: OOZIE-3674-001.patch, OOZIE-3674-002.patch, > OOZIE-3674-003.patch, OOZIE-3674-004.patch, OOZIE-3674-005.patch, > OOZIE-3674-006.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on > by default in the Oozie client, but this could be a new command line > parameter. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17640014#comment-17640014 ] Hadoop QA commented on OOZIE-3674: -- Testing JIRA OOZIE-3674 Cleaning local git workspace {color:green}+1 PATCH_APPLIES{color} {color:green}+1 CLEAN{color} {color:red}-1 RAW_PATCH_ANALYSIS{color} .{color:green}+1{color} the patch does not introduce any @author tags .{color:green}+1{color} the patch does not introduce any tabs .{color:green}+1{color} the patch does not introduce any trailing spaces .{color:green}+1{color} the patch does not introduce any star imports .{color:red}-1{color} the patch contains 2 line(s) longer than 132 characters .{color:green}+1{color} the patch adds/modifies 1 testcase(s) {color:green}+1 RAT{color} .{color:green}+1{color} the patch does not seem to introduce new RAT warnings {color:green}+1 JAVADOC{color} .{color:green}+1{color} Javadoc generation succeeded with the patch .{color:green}+1{color} the patch does not seem to introduce new Javadoc warning(s) {color:green}+1 COMPILE{color} .{color:green}+1{color} HEAD compiles .{color:green}+1{color} patch compiles .{color:green}+1{color} the patch does not seem to introduce new javac warnings {color:red}-1{color} There are [22] new bugs found below threshold in total that must be fixed. .{color:red}-1{color} There are [6] new bugs found below threshold in [core] that must be fixed, listing only the first [5] ones. .You can find the SpotBugs diff here (look for the red and orange ones): core/findbugs-new.html .The top [5] most important SpotBugs errors are: .At BulkJPAExecutor.java:[line 206]: This use of javax/persistence/EntityManager.createQuery(Ljava/lang/String;)Ljavax/persistence/Query; can be vulnerable to SQL/JPQL injection .At BulkJPAExecutor.java:[line 176]: At BulkJPAExecutor.java:[line 175] .At BulkJPAExecutor.java:[line 205]: At BulkJPAExecutor.java:[line 199] .This use of javax/persistence/EntityManager.createQuery(Ljava/lang/String;)Ljavax/persistence/Query; can be vulnerable to SQL/JPQL injection: At BulkJPAExecutor.java:[line 206] .At BulkJPAExecutor.java:[line 111]: At BulkJPAExecutor.java:[line 127] .{color:red}-1{color} There are [1] new bugs found below threshold in [client] that must be fixed. .You can find the SpotBugs diff here (look for the red and orange ones): client/findbugs-new.html .The most important SpotBugs errors are: .At InsecureConnectionHelper.java:[line 64]: SSLContext needs to be compatible with TLS 1.2 .{color:green}+1{color} There are no new bugs found in [docs]. .{color:green}+1{color} There are no new bugs found in [fluent-job/fluent-job-api]. .{color:orange}0{color} There are [4] new bugs found in [server] that would be nice to have fixed. .You can find the SpotBugs diff here: server/findbugs-new.html .{color:green}+1{color} There are no new bugs found in [examples]. .{color:red}-1{color} There are [15] new bugs found below threshold in [tools] that must be fixed, listing only the first [5] ones. .You can find the SpotBugs diff here (look for the red and orange ones): tools/findbugs-new.html .The top [5] most important SpotBugs errors are: .At OozieDBCLI.java:[line 584]: This use of java/sql/Statement.executeUpdate(Ljava/lang/String;)I can be vulnerable to SQL injection .At OozieDBCLI.java:[line 574]: At OozieDBCLI.java:[line 573] .At OozieDBCLI.java:[line 577]: At OozieDBCLI.java:[line 575] .At OozieDBCLI.java:[line 579]: At OozieDBCLI.java:[line 578] .At OozieDBCLI.java:[line 584]: At OozieDBCLI.java:[line 581] .{color:green}+1{color} There are no new bugs found in [webapp]. .{color:green}+1{color} There are no new bugs found in [sharelib/distcp]. .{color:green}+1{color} There are no new bugs found in [sharelib/spark]. .{color:green}+1{color} There are no new bugs found in [sharelib/oozie]. .{color:green}+1{color} There are no new bugs found in [sharelib/hcatalog]. .{color:green}+1{color} There are no new bugs found in [sharelib/streaming]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive2]. .{color:green}+1{color} There are no new bugs found in [sharelib/sqoop]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive]. .{color:green}+1{color} There are no new bugs found in [sharelib/pig]. .{color:green}+1{color} There are no new bugs found in [sharelib/git]. {color:green}+1 BACKWARDS_COMPATIBILITY{color} .{color:green}+1{color} the patch does not change any JPA Entity/Colum/Basic/Lob/Transient annotations .{color:green}+1{color} the patch does not modify JPA files {color:green}+1 TESTS{color} .Tests run: 18 {color:green}+1 DISTRO{color} .{color:green}+1{color} distro tarball builds with
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17639982#comment-17639982 ] Hadoop QA commented on OOZIE-3674: -- PreCommit-OOZIE-Build started > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Attachments: OOZIE-3674-001.patch, OOZIE-3674-002.patch, > OOZIE-3674-003.patch, OOZIE-3674-004.patch, OOZIE-3674-005.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on > by default in the Oozie client, but this could be a new command line > parameter. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17639720#comment-17639720 ] Hadoop QA commented on OOZIE-3674: -- Testing JIRA OOZIE-3674 Cleaning local git workspace {color:green}+1 PATCH_APPLIES{color} {color:green}+1 CLEAN{color} {color:red}-1 RAW_PATCH_ANALYSIS{color} .{color:green}+1{color} the patch does not introduce any @author tags .{color:green}+1{color} the patch does not introduce any tabs .{color:green}+1{color} the patch does not introduce any trailing spaces .{color:green}+1{color} the patch does not introduce any star imports .{color:red}-1{color} the patch contains 2 line(s) longer than 132 characters .{color:green}+1{color} the patch adds/modifies 1 testcase(s) {color:green}+1 RAT{color} .{color:green}+1{color} the patch does not seem to introduce new RAT warnings {color:green}+1 JAVADOC{color} .{color:green}+1{color} Javadoc generation succeeded with the patch .{color:green}+1{color} the patch does not seem to introduce new Javadoc warning(s) {color:green}+1 COMPILE{color} .{color:green}+1{color} HEAD compiles .{color:green}+1{color} patch compiles .{color:green}+1{color} the patch does not seem to introduce new javac warnings {color:green}+1{color} There are no new bugs found in total. .{color:green}+1{color} There are no new bugs found in [client]. .{color:green}+1{color} There are no new bugs found in [webapp]. .{color:green}+1{color} There are no new bugs found in [fluent-job/fluent-job-api]. .{color:green}+1{color} There are no new bugs found in [server]. .{color:green}+1{color} There are no new bugs found in [core]. .{color:green}+1{color} There are no new bugs found in [sharelib/spark]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive2]. .{color:green}+1{color} There are no new bugs found in [sharelib/distcp]. .{color:green}+1{color} There are no new bugs found in [sharelib/streaming]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive]. .{color:green}+1{color} There are no new bugs found in [sharelib/git]. .{color:green}+1{color} There are no new bugs found in [sharelib/hcatalog]. .{color:green}+1{color} There are no new bugs found in [sharelib/pig]. .{color:green}+1{color} There are no new bugs found in [sharelib/oozie]. .{color:green}+1{color} There are no new bugs found in [sharelib/sqoop]. .{color:green}+1{color} There are no new bugs found in [tools]. .{color:green}+1{color} There are no new bugs found in [docs]. .{color:green}+1{color} There are no new bugs found in [examples]. {color:green}+1 BACKWARDS_COMPATIBILITY{color} .{color:green}+1{color} the patch does not change any JPA Entity/Colum/Basic/Lob/Transient annotations .{color:green}+1{color} the patch does not modify JPA files {color:red}-1 TESTS{color} .Tests run: 2895 .Tests failed : 0 .Tests in error : 86 .Tests timed out : 1 {color:red}-1{color} [ERROR] There are [86] test errors in [core]. Listing only the first [5] ones testCoordActionsGetByActionNumber:org.apache.oozie.executor.jpa.TestCoordJobGetActionByActionNumberJPAExecutor Check console output for the full list of errors/failures {color:green}+1 DISTRO{color} .{color:green}+1{color} distro tarball builds with the patch {color:green}+1 MODERNIZER{color} {color:red}*-1 Overall result, please check the reported -1(s)*{color} The full output of the test-patch run is available at . https://ci-hadoop.apache.org/job/PreCommit-OOZIE-Build/142/ > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Attachments: OOZIE-3674-001.patch, OOZIE-3674-002.patch, > OOZIE-3674-003.patch, OOZIE-3674-004.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17639670#comment-17639670 ] Hadoop QA commented on OOZIE-3674: -- PreCommit-OOZIE-Build started > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Attachments: OOZIE-3674-001.patch, OOZIE-3674-002.patch, > OOZIE-3674-003.patch, OOZIE-3674-004.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on > by default in the Oozie client, but this could be a new command line > parameter. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17638432#comment-17638432 ] Hadoop QA commented on OOZIE-3674: -- Testing JIRA OOZIE-3674 Cleaning local git workspace {color:green}+1 PATCH_APPLIES{color} {color:green}+1 CLEAN{color} {color:red}-1 RAW_PATCH_ANALYSIS{color} .{color:green}+1{color} the patch does not introduce any @author tags .{color:green}+1{color} the patch does not introduce any tabs .{color:green}+1{color} the patch does not introduce any trailing spaces .{color:green}+1{color} the patch does not introduce any star imports .{color:red}-1{color} the patch contains 2 line(s) longer than 132 characters .{color:green}+1{color} the patch adds/modifies 1 testcase(s) {color:green}+1 RAT{color} .{color:green}+1{color} the patch does not seem to introduce new RAT warnings {color:green}+1 JAVADOC{color} .{color:green}+1{color} Javadoc generation succeeded with the patch .{color:green}+1{color} the patch does not seem to introduce new Javadoc warning(s) {color:green}+1 COMPILE{color} .{color:green}+1{color} HEAD compiles .{color:green}+1{color} patch compiles .{color:green}+1{color} the patch does not seem to introduce new javac warnings {color:green}+1{color} There are no new bugs found in total. .{color:green}+1{color} There are no new bugs found in [examples]. .{color:green}+1{color} There are no new bugs found in [fluent-job/fluent-job-api]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive2]. .{color:green}+1{color} There are no new bugs found in [sharelib/git]. .{color:green}+1{color} There are no new bugs found in [sharelib/distcp]. .{color:green}+1{color} There are no new bugs found in [sharelib/hcatalog]. .{color:green}+1{color} There are no new bugs found in [sharelib/sqoop]. .{color:green}+1{color} There are no new bugs found in [sharelib/spark]. .{color:green}+1{color} There are no new bugs found in [sharelib/oozie]. .{color:green}+1{color} There are no new bugs found in [sharelib/pig]. .{color:green}+1{color} There are no new bugs found in [sharelib/streaming]. .{color:green}+1{color} There are no new bugs found in [server]. .{color:green}+1{color} There are no new bugs found in [docs]. .{color:green}+1{color} There are no new bugs found in [webapp]. .{color:green}+1{color} There are no new bugs found in [core]. .{color:green}+1{color} There are no new bugs found in [tools]. .{color:green}+1{color} There are no new bugs found in [client]. {color:green}+1 BACKWARDS_COMPATIBILITY{color} .{color:green}+1{color} the patch does not change any JPA Entity/Colum/Basic/Lob/Transient annotations .{color:green}+1{color} the patch does not modify JPA files {color:red}-1 TESTS{color} .Tests run: 2749 .Tests failed : 0 .Tests in error : 0 .Tests timed out : 1 Check console output for the full list of errors/failures {color:green}+1 DISTRO{color} .{color:green}+1{color} distro tarball builds with the patch {color:green}+1 MODERNIZER{color} {color:red}*-1 Overall result, please check the reported -1(s)*{color} The full output of the test-patch run is available at . https://ci-hadoop.apache.org/job/PreCommit-OOZIE-Build/141/ > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Attachments: OOZIE-3674-001.patch, OOZIE-3674-002.patch, > OOZIE-3674-003.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on > by default in the Oozie client, but this could be a new command line > parameter. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17638421#comment-17638421 ] Hadoop QA commented on OOZIE-3674: -- PreCommit-OOZIE-Build started > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Attachments: OOZIE-3674-001.patch, OOZIE-3674-002.patch, > OOZIE-3674-003.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on > by default in the Oozie client, but this could be a new command line > parameter. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17638420#comment-17638420 ] Hadoop QA commented on OOZIE-3674: -- Testing JIRA OOZIE-3674 Cleaning local git workspace {color:green}+1 PATCH_APPLIES{color} {color:green}+1 CLEAN{color} {color:red}-1 RAW_PATCH_ANALYSIS{color} .{color:green}+1{color} the patch does not introduce any @author tags .{color:green}+1{color} the patch does not introduce any tabs .{color:green}+1{color} the patch does not introduce any trailing spaces .{color:green}+1{color} the patch does not introduce any star imports .{color:red}-1{color} the patch contains 2 line(s) longer than 132 characters .{color:green}+1{color} the patch adds/modifies 1 testcase(s) {color:green}+1 RAT{color} .{color:green}+1{color} the patch does not seem to introduce new RAT warnings {color:green}+1 JAVADOC{color} .{color:green}+1{color} Javadoc generation succeeded with the patch .{color:green}+1{color} the patch does not seem to introduce new Javadoc warning(s) {color:green}+1 COMPILE{color} .{color:green}+1{color} HEAD compiles .{color:green}+1{color} patch compiles .{color:green}+1{color} the patch does not seem to introduce new javac warnings {color:green}+1{color} There are no new bugs found in total. .{color:green}+1{color} There are no new bugs found in [examples]. .{color:green}+1{color} There are no new bugs found in [fluent-job/fluent-job-api]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive2]. .{color:green}+1{color} There are no new bugs found in [sharelib/git]. .{color:green}+1{color} There are no new bugs found in [sharelib/distcp]. .{color:green}+1{color} There are no new bugs found in [sharelib/hcatalog]. .{color:green}+1{color} There are no new bugs found in [sharelib/sqoop]. .{color:green}+1{color} There are no new bugs found in [sharelib/spark]. .{color:green}+1{color} There are no new bugs found in [sharelib/oozie]. .{color:green}+1{color} There are no new bugs found in [sharelib/pig]. .{color:green}+1{color} There are no new bugs found in [sharelib/streaming]. .{color:green}+1{color} There are no new bugs found in [server]. .{color:green}+1{color} There are no new bugs found in [docs]. .{color:green}+1{color} There are no new bugs found in [webapp]. .{color:green}+1{color} There are no new bugs found in [core]. .{color:green}+1{color} There are no new bugs found in [tools]. .{color:green}+1{color} There are no new bugs found in [client]. {color:green}+1 BACKWARDS_COMPATIBILITY{color} .{color:green}+1{color} the patch does not change any JPA Entity/Colum/Basic/Lob/Transient annotations .{color:green}+1{color} the patch does not modify JPA files {color:red}-1 TESTS{color} .Tests run: 2674 .Tests failed : 0 .Tests in error : 0 .Tests timed out : 1 Check console output for the full list of errors/failures {color:green}+1 DISTRO{color} .{color:green}+1{color} distro tarball builds with the patch {color:green}+1 MODERNIZER{color} {color:red}*-1 Overall result, please check the reported -1(s)*{color} The full output of the test-patch run is available at . https://ci-hadoop.apache.org/job/PreCommit-OOZIE-Build/140/ > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Attachments: OOZIE-3674-001.patch, OOZIE-3674-002.patch, > OOZIE-3674-003.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on > by default in the Oozie client, but this could be a new command line > parameter. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17638398#comment-17638398 ] Hadoop QA commented on OOZIE-3674: -- PreCommit-OOZIE-Build started > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Attachments: OOZIE-3674-001.patch, OOZIE-3674-002.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on > by default in the Oozie client, but this could be a new command line > parameter. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17638397#comment-17638397 ] Hadoop QA commented on OOZIE-3674: -- Testing JIRA OOZIE-3674 Cleaning local git workspace {color:green}+1 PATCH_APPLIES{color} {color:green}+1 CLEAN{color} {color:red}-1 RAW_PATCH_ANALYSIS{color} .{color:green}+1{color} the patch does not introduce any @author tags .{color:green}+1{color} the patch does not introduce any tabs .{color:green}+1{color} the patch does not introduce any trailing spaces .{color:green}+1{color} the patch does not introduce any star imports .{color:red}-1{color} the patch contains 2 line(s) longer than 132 characters .{color:green}+1{color} the patch adds/modifies 1 testcase(s) {color:green}+1 RAT{color} .{color:green}+1{color} the patch does not seem to introduce new RAT warnings {color:green}+1 JAVADOC{color} .{color:green}+1{color} Javadoc generation succeeded with the patch .{color:green}+1{color} the patch does not seem to introduce new Javadoc warning(s) {color:green}+1 COMPILE{color} .{color:green}+1{color} HEAD compiles .{color:green}+1{color} patch compiles .{color:green}+1{color} the patch does not seem to introduce new javac warnings {color:green}+1{color} There are no new bugs found in total. .{color:green}+1{color} There are no new bugs found in [examples]. .{color:green}+1{color} There are no new bugs found in [fluent-job/fluent-job-api]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive2]. .{color:green}+1{color} There are no new bugs found in [sharelib/git]. .{color:green}+1{color} There are no new bugs found in [sharelib/distcp]. .{color:green}+1{color} There are no new bugs found in [sharelib/hcatalog]. .{color:green}+1{color} There are no new bugs found in [sharelib/sqoop]. .{color:green}+1{color} There are no new bugs found in [sharelib/spark]. .{color:green}+1{color} There are no new bugs found in [sharelib/oozie]. .{color:green}+1{color} There are no new bugs found in [sharelib/pig]. .{color:green}+1{color} There are no new bugs found in [sharelib/streaming]. .{color:green}+1{color} There are no new bugs found in [server]. .{color:green}+1{color} There are no new bugs found in [docs]. .{color:green}+1{color} There are no new bugs found in [webapp]. .{color:green}+1{color} There are no new bugs found in [core]. .{color:green}+1{color} There are no new bugs found in [tools]. .{color:green}+1{color} There are no new bugs found in [client]. {color:green}+1 BACKWARDS_COMPATIBILITY{color} .{color:green}+1{color} the patch does not change any JPA Entity/Colum/Basic/Lob/Transient annotations .{color:green}+1{color} the patch does not modify JPA files {color:red}-1 TESTS{color} .Tests run: 2714 .Tests failed : 0 .Tests in error : 0 .Tests timed out : 1 Check console output for the full list of errors/failures {color:green}+1 DISTRO{color} .{color:green}+1{color} distro tarball builds with the patch {color:green}+1 MODERNIZER{color} {color:red}*-1 Overall result, please check the reported -1(s)*{color} The full output of the test-patch run is available at . https://ci-hadoop.apache.org/job/PreCommit-OOZIE-Build/139/ > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Attachments: OOZIE-3674-001.patch, OOZIE-3674-002.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on > by default in the Oozie client, but this could be a new command line > parameter. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17638357#comment-17638357 ] Hadoop QA commented on OOZIE-3674: -- PreCommit-OOZIE-Build started > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Attachments: OOZIE-3674-001.patch, OOZIE-3674-002.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on > by default in the Oozie client, but this could be a new command line > parameter. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17633580#comment-17633580 ] Janos Makai commented on OOZIE-3674: There are some additional work to be done with this one, please don't review it yet. > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Attachments: OOZIE-3674-001.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on > by default in the Oozie client, but this could be a new command line > parameter. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17633270#comment-17633270 ] Hadoop QA commented on OOZIE-3674: -- Testing JIRA OOZIE-3674 Cleaning local git workspace {color:green}+1 PATCH_APPLIES{color} {color:green}+1 CLEAN{color} {color:red}-1 RAW_PATCH_ANALYSIS{color} .{color:green}+1{color} the patch does not introduce any @author tags .{color:green}+1{color} the patch does not introduce any tabs .{color:green}+1{color} the patch does not introduce any trailing spaces .{color:green}+1{color} the patch does not introduce any star imports .{color:red}-1{color} the patch contains 2 line(s) longer than 132 characters .{color:green}+1{color} the patch adds/modifies 1 testcase(s) {color:green}+1 RAT{color} .{color:green}+1{color} the patch does not seem to introduce new RAT warnings {color:red}-1 JAVADOC{color} .{color:red}-1{color} build with Javadoc generation fails with the patch {color:red}-1 COMPILE{color} .{color:green}+1{color} HEAD compiles .{color:red}-1{color} patch does not compile .{color:green}+1{color} the patch does not seem to introduce new javac warnings {color:red}-1{color} There are [4] new bugs found below threshold in total that must be fixed. .{color:red}-1{color} There are [4] new bugs found below threshold in [client] that must be fixed. .You can find the SpotBugs diff here (look for the red and orange ones): client/findbugs-new.html .The most important SpotBugs errors are: .At InsecureConnectionHelper.java:[line 64]: SSLContext needs to be compatible with TLS 1.2 .At InsecureConnectionHelper.java:[line 53]: TrustManager that accept any certificates makes communication vulnerable to a MITM attack .At InsecureConnectionHelper.java:[line 56]: TrustManager that accept any certificates makes communication vulnerable to a MITM attack .At InsecureConnectionHelper.java:[line 49]: TrustManager that accept any certificates makes communication vulnerable to a MITM attack .{color:green}+1{color} There are no new bugs found in [webapp]. .{color:green}+1{color} There are no new bugs found in [fluent-job/fluent-job-api]. .{color:green}+1{color} There are no new bugs found in [server]. .{color:green}+1{color} There are no new bugs found in [core]. .{color:green}+1{color} There are no new bugs found in [sharelib/spark]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive2]. .{color:green}+1{color} There are no new bugs found in [sharelib/distcp]. .{color:green}+1{color} There are no new bugs found in [sharelib/streaming]. .{color:green}+1{color} There are no new bugs found in [sharelib/hive]. .{color:green}+1{color} There are no new bugs found in [sharelib/git]. .{color:green}+1{color} There are no new bugs found in [sharelib/hcatalog]. .{color:green}+1{color} There are no new bugs found in [sharelib/pig]. .{color:green}+1{color} There are no new bugs found in [sharelib/oozie]. .{color:green}+1{color} There are no new bugs found in [sharelib/sqoop]. .{color:green}+1{color} There are no new bugs found in [tools]. .{color:green}+1{color} There are no new bugs found in [docs]. .{color:green}+1{color} There are no new bugs found in [examples]. {color:green}+1 BACKWARDS_COMPATIBILITY{color} .{color:green}+1{color} the patch does not change any JPA Entity/Colum/Basic/Lob/Transient annotations .{color:green}+1{color} the patch does not modify JPA files {color:red}-1 TESTS{color} - patch does not compile, cannot run test cases {color:red}-1 DISTRO{color} .{color:red}-1{color} distro tarball fails with the patch {color:green}+1 MODERNIZER{color} {color:red}*-1 Overall result, please check the reported -1(s)*{color} The full output of the test-patch run is available at . https://ci-hadoop.apache.org/job/PreCommit-OOZIE-Build/104/ > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Attachments: OOZIE-3674-001.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solutio
[jira] [Commented] (OOZIE-3674) Add a --insecure like parameter to Oozie client so it can ignore certificate errors
[ https://issues.apache.org/jira/browse/OOZIE-3674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17633267#comment-17633267 ] Hadoop QA commented on OOZIE-3674: -- PreCommit-OOZIE-Build started > Add a --insecure like parameter to Oozie client so it can ignore certificate > errors > --- > > Key: OOZIE-3674 > URL: https://issues.apache.org/jira/browse/OOZIE-3674 > Project: Oozie > Issue Type: Task > Components: client >Affects Versions: 5.2.1 >Reporter: Janos Makai >Assignee: Janos Makai >Priority: Major > Attachments: OOZIE-3674-001.patch > > > Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore > and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client > or you need to import the certificate into the JDK's cert store otherwise > Oozie client won't be able to connect to the Oozie server. Always passing > these variables is very inconvenient, and another solution might be to allow > certificate errors in the client. This would be like the curl > *{color:#0747a6}--insecure{color}* option. The data would still be encrypted, > but the client would not check the certificate. This should not be turned on > by default in the Oozie client, but this could be a new command line > parameter. -- This message was sent by Atlassian Jira (v8.20.10#820010)