accumulo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pundu tech <pundut...@gmail.com>
Subject Re: Examples SSL Java Client examples
Date Tue, 14 Jul 2015 19:37:00 GMT
Thanks for the response. Unfortunately, I am still stuck on the same
problem and I have tried everything .

The error is this:


2015-07-14 15:21:26,703 WARN  [main] impl.ServerClient (
ServerClient.java:getConnection(152)) - Failed to find an available server
in the list of servers: [ssl:comet1:9997 (120000), ssl:comet4:9997
(120000), ssl:comet3:9997 (120000), ssl:comet2:9997 (120000)]

Unfortunately I don't see any error message in the tservers. I am wondering
if this has something to do with how I create the connector.

 What should I pass as arguments to the getConnector method when using SSL?

Connector connector = instance.getConnector(String principal,
AuthenticationToken authToken); ---> What would the principal and authToken
be here?


Please see below  the relevant code:

------

ClientConfiguration clientConf = new ClientConfiguration();

clientConf.withSsl(true);

 clientConf.withInstance("comet");

 clientConf.withTruststore("path.../truststore.jks");

 clientConf.withKeystore("path.../server.jks", "password", "JKS");

clientConf.withZkHosts("comet1,comet2,comet3,comet4);

Instance instance = new ZooKeeperInstance(clientConf);

Connector connector = instance.getConnector(args[2], args[3]);  ---->
originally args[2] and args[3] were "root" and "mypassword" but since I now
want to use SSL it should not be valid.


I appreciate your help.

Pundutech

On Tue, Jul 7, 2015 at 3:27 PM, Josh Elser <josh.elser@gmail.com> wrote:

> The guide you followed doesn't do anything special with ZooKeeper. It's
> purely an Accumulo issue.
>
>
> Christopher wrote:
>
>> I'm sorry to say that my understanding on how to connect to ZooKeeper
>> using SSL is non-existent at this time. Perhaps somebody else can jump
>> in?
>>
>> --
>> Christopher L Tubbs II
>> http://gravatar.com/ctubbsii
>>
>>
>> On Tue, Jul 7, 2015 at 12:47 PM, pundu tech<pundutech@gmail.com>  wrote:
>>
>>> Thanks a lot, Chrstopher. One step forward.
>>> I am wondering if for the SSL configuration I also need to do something
>>> with
>>> Zookeeper. I configured the client with:
>>>
>>> clientConf = new ClientConfiguration(new File ("myfilePath"));
>>>
>>> clientConf.withSsl(true);
>>>
>>> clientConf.withTruststore("pathToTrustStore.jks");
>>>
>>> clientConf.withKeystore(pathToKeyStore, "KeyStorePassword", "JKS");
>>>
>>> clientConf.withInstance("InstanceName");
>>>
>>> clientConf.withZkHosts("server1, server2,server3");
>>>
>>>
>>> when I try to connect I get:
>>>
>>> 2015-07-07 12:37:52,591 INFO  [main] zookeeper.ZooKeeper
>>> (ZooKeeper.java:<init>(438)) - Initiating client connection,
>>> connectString=server1,server2,server3,server4 sessionTimeout=30000
>>> watcher=org.apache.accumulo.fate.zookeeper.ZooSession$ZooWatcher@1dab5fd5
>>>
>>> 2015-07-07 12:37:52,619 INFO  [main-SendThread(server1:2181)]
>>> zookeeper.ClientCnxn (ClientCnxn.java:logStartConnect(975)) - Opening
>>> socket
>>> connection to server server1/x.x.x.x:2181. Will not attempt to
>>> authenticate
>>> using SASL (unknown error)
>>>
>>> 2015-07-07 12:37:52,627 INFO  [main-SendThread(server1:2181)]
>>> zookeeper.ClientCnxn (ClientCnxn.java:primeConnection(852)) - Socket
>>> connection established to server1/x.x.x.x:2181, initiating session
>>>
>>> 2015-07-07 12:37:52,636 INFO  [main-SendThread(server1:2181)]
>>> zookeeper.ClientCnxn (ClientCnxn.java:onConnected(1235)) - Session
>>> establishment complete on server server1/x.x.x.x:2181, sessionid =
>>> 0x14e0cc457500039, negotiated timeout = 30000
>>>
>>> 2015-07-07 12:37:52,876 WARN  [main] impl.ServerClient
>>> (ServerClient.java:getConnection(152)) - Failed to find an available
>>> server
>>> in the list of servers: [ssl:server2:9997 (120000), ssl:server3:9997
>>> (120000), ssl:server4:9997 (120000), ssl:server1:9997 (120000)]
>>>
>>>
>>> Am I missing something in the configuration?
>>>
>>> I appreciate any pointer.
>>>
>>> pundutech
>>>
>>>
>>> On Mon, Jul 6, 2015 at 2:46 PM, Christopher<ctubbsii@apache.org>  wrote:
>>>
>>>> The values for ClientProperty.RPC_SSL_KEYSTORE_TYPE should be
>>>> something like "JKS" or "PKCS12".
>>>> Now, you can connect to an SSL-enabled instance using:
>>>>
>>>> Instance instance = new ZooKeeperInstance(clientConfig);
>>>> Connector conn = instance.getConnector(...);
>>>>
>>>> --
>>>> Christopher L Tubbs II
>>>> http://gravatar.com/ctubbsii
>>>>
>>>>
>>>> On Mon, Jul 6, 2015 at 2:41 PM, pundu tech<pundutech@gmail.com>  wrote:
>>>>
>>>>> I am setting up a metadata configuration  service on Accumulo.
>>>>> Setting it up was a breeze. Doing a simple tests against the cluster
>>>>> was
>>>>> easy. i am not finding much documentation on how to write Java client
>>>>> with
>>>>> SSL support.
>>>>>
>>>>> Could someone please point me in some direction?
>>>>>
>>>>> For instance, I have created a ClientConfiguraiton object with what I
>>>>> believe are all the required SSL properties (I am not sure what are the
>>>>> values for ClientProperty.RPC_SSL_KEYSTORE_TYPE).  What should I do
>>>>> with
>>>>> this object now?
>>>>>
>>>>>
>>>>> Thanks,
>>>>> pundutech
>>>>>
>>>>
>>>

Mime
View raw message