[jira] [Comment Edited] (YARN-6457) Allow custom SSL configuration to be supplied in WebApps

Sanjay M Pujare (JIRA) Sat, 29 Apr 2017 20:34:35 -0700

    [ 
https://issues.apache.org/jira/browse/YARN-6457?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15990109#comment-15990109
 ]


Sanjay M Pujare edited comment on YARN-6457 at 4/30/17 3:33 AM:
----------------------------------------------------------------

[~haibochen] I would have suggested the same code you have but to my 
disappointment I noticed that Configuration.addResource(String) and 
Configuration.addResource(Path) behave differently and 
Configuration.addResource(String) didn't work for me :-( and that is why I 
suggested my code. If there is no issue with backward compatibility I can 
modify your code as follows:

{code}
if (sslConf == null)
{ sslConf = new Configuration(false); }
boolean needsClientAuth = 
YarnConfiguration.YARN_SSL_CLIENT_HTTPS_NEED_AUTH_DEFAULT;
String sslConfResource = conf.get("hadoop.ssl.server.conf", 
YarnConfiguration.YARN_SSL_SERVER_RESOURCE_DEFAULT);
sslConf.addResource(new Path(sslConfResource));
{code}

Also, is it okay to use "hadoop.ssl.server.conf" as it is without defining it 
as a constant in YarnConfiguration?


was (Author: sanjaypujare):
[~haibochen] I would have suggested the same code you have but to my 
disappointment I noticed that Configuration.addResource(String) and 
Configuration.addResource(Path) behave differently and 
Configuration.addResource(String) didn't work for me :-( and that is why I 
suggested my code. If there is no issue with backward compatibility I can 
modify your code as follows:

{code}
if (sslConf == null)
{ sslConf = new Configuration(false); }
boolean needsClientAuth = 
YarnConfiguration.YARN_SSL_CLIENT_HTTPS_NEED_AUTH_DEFAULT;
String sslConfResource = conf.get("hadoop.ssl.server.conf", 
YarnConfiguration.YARN_SSL_SERVER_RESOURCE_DEFAULT);
sslConf.addResource(new Path(sslConfResource));
{code}

> Allow custom SSL configuration to be supplied in WebApps
> --------------------------------------------------------
>
>                 Key: YARN-6457
>                 URL: https://issues.apache.org/jira/browse/YARN-6457
>             Project: Hadoop YARN
>          Issue Type: Improvement
>          Components: webapp, yarn
>            Reporter: Sanjay M Pujare
>            Assignee: Sanjay M Pujare
>   Original Estimate: 96h
>  Remaining Estimate: 96h
>
> Currently a custom SSL store cannot be passed on to WebApps which forces the 
> embedded web-server to use the default keystore set up in ssl-server.xml for 
> the whole Hadoop cluster. There are cases where the Hadoop app needs to use 
> its own/custom keystore.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org

[jira] [Comment Edited] (YARN-6457) Allow custom SSL configuration to be supplied in WebApps

Reply via email to