ambari-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eric Yang (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (AMBARI-22009) Ambari Server and Agent communication does not verify SSL certificates
Date Wed, 20 Sep 2017 17:52:00 GMT

     [ https://issues.apache.org/jira/browse/AMBARI-22009?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Eric Yang updated AMBARI-22009:
-------------------------------
    Issue Type: Improvement  (was: Bug)

> Ambari Server and Agent communication does not verify SSL certificates
> ----------------------------------------------------------------------
>
>                 Key: AMBARI-22009
>                 URL: https://issues.apache.org/jira/browse/AMBARI-22009
>             Project: Ambari
>          Issue Type: Improvement
>            Reporter: Eric Yang
>
> This is a follow up to AMBARI-14149, where more system are showing inability to establish
connection between server and agent.  In the latest OS update for Python 2.7.5-58, it forces
HttpsConnection api to verify certificate or set context=ssl._create_unverified_context()
flag.  At some point, context=ssl._create_unverified_context() will be flagged as security
vulnerability.  Ambari server can created its own trusted certificates for both server and
clients to avoid setting unverified certificate flag.  Agent registration process can automate
the certificate generation process for agents.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message