hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John Zhuge (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-13992) KMS should load SSL configuration the same way as SSLFactory
Date Tue, 17 Jan 2017 01:05:26 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-13992?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

John Zhuge updated HADOOP-13992:
--------------------------------
    Attachment: HADOOP-13992.001.patch

Patch 001
* Make SSLFactory#readSSLConfiguration reusable
* Add parameter sslConf to KMSWebServer constructor
* MiniKMS and KMSWebServer$main leverage SSLFactory#readSSLConfiguration

Testing done
* TestSSLFactory
* TestKMS
* Run {{hadoop key list/create/roll/delete}} in insecure pseudo-dist cluster
* Run {{hadoop key list/create/roll/delete}} in ssl pseudo-dist cluster
* Run {{KMS_HTTP_PORT=1234 bin/hadoop kms}} to verify KMS is running on port 1234
* Run {{KMS_SSL_KEYSTORE_PASS=abcd bin/hadoop kms}} to expect wrong password
* Run {{KMS_SSL_KEYSTORE_FILE=/tmp/tt bin/hadoop kms}} to expect invalid keystore path


> KMS should load SSL configuration the same way as SSLFactory
> ------------------------------------------------------------
>
>                 Key: HADOOP-13992
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13992
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: kms, security
>    Affects Versions: 3.0.0-alpha2
>            Reporter: John Zhuge
>            Assignee: John Zhuge
>         Attachments: HADOOP-13992.001.patch
>
>
> HADOOP-13597 loads SSL configuration in the different way than {{SSLFactory}} and other
existing methods:
> * SSLFactory#readSSLConfiguration
> * DFSUtil#loadSslConfiguration
> * WebAppUtils#loadSslConfiguration
> It should conform to the existing method.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org


Mime
View raw message