Re: Custom truststore for ranger admin

Fri, 24 Jun 2016 11:30:45 -0700 

Hi Lune,
 Recently we added two new properties for Ranger admin “ranger.truststore.file” 
and “ranger.truststore.password” to specify custom truststore. For more details 
you can refer to Apache JIRA RANGER-840.

Thanks,
Sailaja
<https://issues.apache.org/jira/browse/RANGER-840>
From: Don Bosco Durai <bo...@apache.org<mailto:bo...@apache.org>>
Reply-To: 
"user@ranger.incubator.apache.org<mailto:user@ranger.incubator.apache.org>" 
<user@ranger.incubator.apache.org<mailto:user@ranger.incubator.apache.org>>
Date: Friday, June 24, 2016 at 11:17 AM
To: "user@ranger.incubator.apache.org<mailto:user@ranger.incubator.apache.org>" 
<user@ranger.incubator.apache.org<mailto:user@ranger.incubator.apache.org>>
Subject: Re: Custom truststore for ranger admin

Ok, got it. You are using 2 way SSL. In RangerAdmin, you can source your 
customized env scripts.

You can do the following:

  1.  In your RangerAdmin conf folder, create a file starting with 
ranger-admin-env-, e.g. ranger-admin-env-truststore.sh
  2.  Add this line: export JAVA_OPTS=" ${JAVA_OPTS} 
-Djavax.net.ssl.trustStore=/your_path/your_truststore.jks”
  3.  Chmod a+x your shell script
  4.  Restart RangerAdmin

Let me know if this addresses your requirement.

Thanks

Bosco



From: Lune Silver <lunescar.ran...@gmail.com<mailto:lunescar.ran...@gmail.com>>
Reply-To: 
<user@ranger.incubator.apache.org<mailto:user@ranger.incubator.apache.org>>
Date: Friday, June 24, 2016 at 10:51 AM
To: <user@ranger.incubator.apache.org<mailto:user@ranger.incubator.apache.org>>
Subject: Re: Custom truststore for ranger admin


Yeah when ssl is set to "want", you need to get the certificate of the plugin 
and to add it to the truststore of the admin.

Le 24 juin 2016 19:47, "Don Bosco Durai" 
<bo...@apache.org<mailto:bo...@apache.org>> a écrit :
Just curious, since plugins are initiating the request, do you need anything on 
the admin side?

Thanks

Bosco


From: Lune Silver <lunescar.ran...@gmail.com<mailto:lunescar.ran...@gmail.com>>
Reply-To: 
<user@ranger.incubator.apache.org<mailto:user@ranger.incubator.apache.org>>
Date: Friday, June 24, 2016 at 10:45 AM
To: <user@ranger.incubator.apache.org<mailto:user@ranger.incubator.apache.org>>
Subject: Custom truststore for ranger admin


Hello !

Currently when activating encryption between plugins and admin, admin uses the 
default truststore of java.

Is it possible to specify a custom truststore for ranger admin ?

BR.

Lune

Reply via email to