Thanks a lot, Chrstopher. One step forward.
I am wondering if for the SSL configuration I also need to do something with
Zookeeper. I configured the client with:
clientConf = new ClientConfiguration(new File ("myfilePath"));
clientConf.withSsl(true);
clientConf.withTruststore("pathToTrustStore.jks");
clientConf.withKeystore(pathToKeyStore, "KeyStorePassword", "JKS");
clientConf.withInstance("InstanceName");
clientConf.withZkHosts("server1, server2,server3");
when I try to connect I get:
2015-07-07 12:37:52,591 INFO [main] zookeeper.ZooKeeper
(ZooKeeper.java:<init>(438)) - Initiating client connection,
connectString=server1,server2,server3,server4 sessionTimeout=30000
watcher=org.apache.accumulo.fate.zookeeper.ZooSession$ZooWatcher@1dab5fd5
2015-07-07 12:37:52,619 INFO [main-SendThread(server1:2181)]
zookeeper.ClientCnxn (ClientCnxn.java:logStartConnect(975)) - Opening socket
connection to server server1/x.x.x.x:2181. Will not attempt to authenticate
using SASL (unknown error)
2015-07-07 12:37:52,627 INFO [main-SendThread(server1:2181)]
zookeeper.ClientCnxn (ClientCnxn.java:primeConnection(852)) - Socket
connection established to server1/x.x.x.x:2181, initiating session
2015-07-07 12:37:52,636 INFO [main-SendThread(server1:2181)]
zookeeper.ClientCnxn (ClientCnxn.java:onConnected(1235)) - Session
establishment complete on server server1/x.x.x.x:2181, sessionid =
0x14e0cc457500039, negotiated timeout = 30000
2015-07-07 12:37:52,876 WARN [main] impl.ServerClient
(ServerClient.java:getConnection(152)) - Failed to find an available server
in the list of servers: [ssl:server2:9997 (120000), ssl:server3:9997
(120000), ssl:server4:9997 (120000), ssl:server1:9997 (120000)]
Am I missing something in the configuration?
I appreciate any pointer.
pundutech
On Mon, Jul 6, 2015 at 2:46 PM, Christopher<[email protected]> wrote:
The values for ClientProperty.RPC_SSL_KEYSTORE_TYPE should be
something like "JKS" or "PKCS12".
Now, you can connect to an SSL-enabled instance using:
Instance instance = new ZooKeeperInstance(clientConfig);
Connector conn = instance.getConnector(...);
--
Christopher L Tubbs II
http://gravatar.com/ctubbsii
On Mon, Jul 6, 2015 at 2:41 PM, pundu tech<[email protected]> wrote:
I am setting up a metadata configuration service on Accumulo.
Setting it up was a breeze. Doing a simple tests against the cluster was
easy. i am not finding much documentation on how to write Java client
with
SSL support.
Could someone please point me in some direction?
For instance, I have created a ClientConfiguraiton object with what I
believe are all the required SSL properties (I am not sure what are the
values for ClientProperty.RPC_SSL_KEYSTORE_TYPE). What should I do with
this object now?
Thanks,
pundutech
