Prabu Can you check this JIRA and let us know if it work?
https://issues.apache.org/jira/browse/RANGER-355 Thanks Bosco On 5/21/15, 4:57 AM, "Prabu Soundar Rajan -X (prabsoun - MINDTREE LIMITED at Cisco)" <prabs...@cisco.com> wrote: >Hi Team, > >We are experiencing the below issue in enabling the knox repository in >Ranger admin. Please advise us on how to resolve it. > >Connection Failed. >Exception on REST call to KnoxUrl : >https://<hostname>:8888/gateway/admin/api/v1/topologies<https://%3chostnam >e%3e:8888/gateway/admin/api/v1/topologies>. You can still save the >repository and start creating policies, but you would not be able to use >autocomplete for resource names. Check xa_portal.log for more info. > >javax.net.ssl.SSLHandshakeException: >java.security.cert.CertificateException: No subject alternative names >present. >java.security.cert.CertificateException: No subject alternative names >present. >No subject alternative names present. > >Full Trace: > >ERROR com.xasecure.biz.AssetMgr (AssetMgr.java:1682) - Unable to connect >repository with given config for cisco_knoxdev >com.xasecure.hadoop.client.exceptions.HadoopException: Exception on REST >call to KnoxUrl : https://hostname:8888/gateway/admin/api/v1/topologies. > at >com.xasecure.knox.client.KnoxClient.getTopologyList(KnoxClient.java:138) > at com.xasecure.knox.client.KnoxClient$2.call(KnoxClient.java:360) > at com.xasecure.knox.client.KnoxClient$2.call(KnoxClient.java:357) > at >com.xasecure.knox.client.KnoxClient.timedTask(KnoxClient.java:384) > at >com.xasecure.knox.client.KnoxClient.getKnoxResources(KnoxClient.java:365) > at >com.xasecure.knox.client.KnoxClient.testConnection(KnoxClient.java:278) > at com.xasecure.biz.AssetMgr.testConfig(AssetMgr.java:1657) > at com.xasecure.rest.AssetREST.testConfig(AssetREST.java:163) > at >com.xasecure.rest.AssetREST$$FastClassByCGLIB$$90363ab.invoke(<generated>) > at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191) > at >org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.inv >okeJoinpoint(Cglib2AopProxy.java:689) > at >org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(Refle >ctiveMethodInvocation.java:150) > at >org.springframework.transaction.interceptor.TransactionInterceptor.invoke( >TransactionInterceptor.java:110) > at >org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(Refle >ctiveMethodInvocation.java:172) > at >org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor >.intercept(Cglib2AopProxy.java:622) > at >com.xasecure.rest.AssetREST$$EnhancerByCGLIB$$d1881638.testConfig(<generat >ed>) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at >sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java: >57) > at >sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorIm >pl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at >com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDis >patchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvi >der.java:168) > at >com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatc >her.dispatch(ResourceJavaMethodDispatcher.java:70) > at >com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule. >java:279) > at >com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPat >hRule.java:136) > at >com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClas >sRule.java:86) > at >com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPat >hRule.java:136) > at >com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootRe >sourceClassesRule.java:74) > at >com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(W >ebApplicationImpl.java:1357) > at >com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(W >ebApplicationImpl.java:1289) > at >com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(We >bApplicationImpl.java:1239) > at >com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(We >bApplicationImpl.java:1229) > at >com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.jav >a:420) > at >com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletConta >iner.java:497) > at >com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletConta >iner.java:684) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) > at >org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicati >onFilterChain.java:303) > at >org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilter >Chain.java:208) > at >org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) > at >org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicati >onFilterChain.java:241) > at >org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilter >Chain.java:208) > at >org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil >ter(FilterChainProxy.java:330) > at >com.xasecure.security.web.filter.XASecurityContextFormationFilter.doFilter >(XASecurityContextFormationFilter.java:134) > at >org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil >ter(FilterChainProxy.java:342) > at >org.springframework.security.web.access.intercept.FilterSecurityIntercepto >r.invoke(FilterSecurityInterceptor.java:118) > at >org.springframework.security.web.access.intercept.FilterSecurityIntercepto >r.doFilter(FilterSecurityInterceptor.java:84) > at >org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil >ter(FilterChainProxy.java:342) > at >org.springframework.security.web.access.ExceptionTranslationFilter.doFilte >r(ExceptionTranslationFilter.java:113) > at >org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil >ter(FilterChainProxy.java:342) > at >org.springframework.security.web.session.SessionManagementFilter.doFilter( >SessionManagementFilter.java:103) > at >org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil >ter(FilterChainProxy.java:342) > at >org.springframework.security.web.authentication.AnonymousAuthenticationFil >ter.doFilter(AnonymousAuthenticationFilter.java:113) > at >org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil >ter(FilterChainProxy.java:342) > at >org.springframework.security.web.servletapi.SecurityContextHolderAwareRequ >estFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54) > at >org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil >ter(FilterChainProxy.java:342) > at >org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFi >lter(RequestCacheAwareFilter.java:45) > at >org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil >ter(FilterChainProxy.java:342) > at >org.springframework.security.web.authentication.www.BasicAuthenticationFil >ter.doFilter(BasicAuthenticationFilter.java:150) > at >org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil >ter(FilterChainProxy.java:342) > at >org.springframework.security.web.authentication.AbstractAuthenticationProc >essingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:183) > at >org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil >ter(FilterChainProxy.java:342) > at >org.springframework.security.web.authentication.logout.LogoutFilter.doFilt >er(LogoutFilter.java:105) > at >org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil >ter(FilterChainProxy.java:342) > at >org.springframework.security.web.context.SecurityContextPersistenceFilter. >doFilter(SecurityContextPersistenceFilter.java:87) > at >org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFil >ter(FilterChainProxy.java:342) > at >org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterC >hainProxy.java:192) > at >org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProx >y.java:160) > at >org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(Delega >tingFilterProxy.java:346) > at >org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFi >lterProxy.java:259) > at >org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicati >onFilterChain.java:241) > at >org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilter >Chain.java:208) > at >org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve. >java:220) > at >org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve. >java:122) > at >org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBa >se.java:501) > at >org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:1 >71) > at >org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:1 >03) > at >org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950) > at >org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.ja >va:116) > at >org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408 >) > at >org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Pro >cessor.java:1070) > at >org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(Abstr >actProtocol.java:611) > at >org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.jav >a:316) > at >java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java: >1145) > at >java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java >:615) > at >org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread. >java:61) > at java.lang.Thread.run(Thread.java:745) >Caused by: com.sun.jersey.api.client.ClientHandlerException: >javax.net.ssl.SSLHandshakeException: >java.security.cert.CertificateException: No subject alternative names >present > at >com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLC >onnectionClientHandler.java:131) > at >com.sun.jersey.api.client.filter.HTTPBasicAuthFilter.handle(HTTPBasicAuthF >ilter.java:81) > at com.sun.jersey.api.client.Client.handle(Client.java:616) > at >com.sun.jersey.api.client.WebResource.handle(WebResource.java:559) > at >com.sun.jersey.api.client.WebResource.access$200(WebResource.java:72) > at >com.sun.jersey.api.client.WebResource$Builder.get(WebResource.java:454) > at >com.xasecure.knox.client.KnoxClient.getTopologyList(KnoxClient.java:86) > ... 84 more >Caused by: javax.net.ssl.SSLHandshakeException: >java.security.cert.CertificateException: No subject alternative names >present > at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) > at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904) > at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279) > at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273) > at >sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java: >1446) > at >sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209 >) > at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901) > at sun.security.ssl.Handshaker.process_record(Handshaker.java:837) > at >sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023) > at >sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java: >1332) > at >sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359) > at >sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343) > at >sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) > at >sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Abst >ractDelegateHttpsURLConnection.java:185) > at >sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnecti >on.java:1301) > at >java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468) > at >sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURL >ConnectionImpl.java:338) > at >com.sun.jersey.client.urlconnection.URLConnectionClientHandler._invoke(URL >ConnectionClientHandler.java:218) > at >com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLC >onnectionClientHandler.java:129) > ... 90 more >Caused by: java.security.cert.CertificateException: No subject >alternative names present > at >sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:142) > at >sun.security.util.HostnameChecker.match(HostnameChecker.java:91) > at >sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.j >ava:347) > at >sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.ja >va:203) > at >sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerI >mpl.java:126) > at >sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java: >1428) > ... 104 more > > > >Thanks & Regards, >Prabu >