zookeeper-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rohit Singh (Jira)" <j...@apache.org>
Subject [jira] [Updated] (ZOOKEEPER-3516) Zookeeper not working with enabling ssl and remote authentication
Date Fri, 23 Aug 2019 20:46:00 GMT

     [ https://issues.apache.org/jira/browse/ZOOKEEPER-3516?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Rohit Singh updated ZOOKEEPER-3516:
-----------------------------------
    Description: 
 
{code:java}
-Dcom.sun.management.jmxremote.authenticate=true -Dcom.sun.management.jmxremote.port=9992
-Dcom.sun.management.jmxremote.rmi.port=9993 -Dcom.sun.management.jmxremote.password.file=/zookeeper/zookeeper-3.4.8/conf/jmxremote-password
-Dcom.sun.management.jmxremote.access.file=/zookeeper/zookeeper-3.4.8/conf/jmxremote-access
-Dcom.sun.management.jmxremote.ssl=true -Djavax.net.ssl.keyStore=/opt/zookeeper/certificate.ks
-Djavax.net.ssl.keyStorePassword=YmM1NTkwZTVlZDg0 -Djavax.net.ssl.trustStore=/opt/zookeeper/serviceCA.ts
-Djavax.net.ssl.trustStorePassword=YmM1NTkwZTVlZDg0 -Dcom.sun.management.jmxremote.registry.ssl=true
-Dzookeeper.jmx.log4j.disable= -Djava.rmi.server.hostname=<hostname> org.apache.zookeeper.server.quorum.QuorumPeerMain
{code}
When zookeeper is brought with above options following error is seen
{code:java}
Error: Exception thrown by the agent : java.lang.IllegalArgumentException: Expected word at
end of line [readwrite ]
{code}
However when Dcom.sun.management.jmxremote.authenticate=false is set to false then zookeeper 
starts without any errors, but remote authentication is disabled and ssl works.
{code:java}
-Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=9992
-Dcom.sun.management.jmxremote.rmi.port=9993 -Dcom.sun.management.jmxremote.password.file=/zookeeper/zookeeper-3.4.8/conf/jmxremote-password
-Dcom.sun.management.jmxremote.access.file=/zookeeper/zookeeper-3.4.8/conf/jmxremote-access
-Dcom.sun.management.jmxremote.ssl=true -Djavax.net.ssl.keyStore=/opt/zookeeper/certificate.ks
-Djavax.net.ssl.keyStorePassword=YzJhZjIxN2Q2ODQ4 -Djavax.net.ssl.trustStore=/opt/zookeeper/serviceCA.ts
-Djavax.net.ssl.trustStorePassword=YzJhZjIxN2Q2ODQ4 -Dcom.sun.management.jmxremote.registry.ssl=true
-Dzookeeper.jmx.log4j.disable= -Djava.rmi.server.hostname=<hostname> org.apache.zookeeper.server.quorum.QuorumPeerMain
{code}
Is this behavior expected. 

 

 

  was:
 
{code:java}
-Dcom.sun.management.jmxremote.authenticate=true -Dcom.sun.management.jmxremote.port=9992
-Dcom.sun.management.jmxremote.rmi.port=9993 -Dcom.sun.management.jmxremote.password.file=/zookeeper/zookeeper-3.4.8/conf/jmxremote-password
-Dcom.sun.management.jmxremote.access.file=/zookeeper/zookeeper-3.4.8/conf/jmxremote-access
-Dcom.sun.management.jmxremote.ssl=false -Djavax.net.ssl.keyStore=/opt/zookeeper/certificate.ks
-Djavax.net.ssl.keyStorePassword=YmM1NTkwZTVlZDg0 -Djavax.net.ssl.trustStore=/opt/zookeeper/serviceCA.ts
-Djavax.net.ssl.trustStorePassword=YmM1NTkwZTVlZDg0 -Dcom.sun.management.jmxremote.registry.ssl=true
-Dzookeeper.jmx.log4j.disable= -Djava.rmi.server.hostname=<hostname> org.apache.zookeeper.server.quorum.QuorumPeerMain
{code}
When zookeeper is brought with above options following error is seen
{code:java}
Error: Exception thrown by the agent : java.lang.IllegalArgumentException: Expected word at
end of line [readwrite ]
{code}
However when Dcom.sun.management.jmxremote.authenticate=false is set to false then zookeeper 
starts without any errors, but remote authentication is disabled and ssl works.
{code:java}
-Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=9992
-Dcom.sun.management.jmxremote.rmi.port=9993 -Dcom.sun.management.jmxremote.password.file=/zookeeper/zookeeper-3.4.8/conf/jmxremote-password
-Dcom.sun.management.jmxremote.access.file=/zookeeper/zookeeper-3.4.8/conf/jmxremote-access
-Dcom.sun.management.jmxremote.ssl=false -Djavax.net.ssl.keyStore=/opt/zookeeper/certificate.ks
-Djavax.net.ssl.keyStorePassword=YzJhZjIxN2Q2ODQ4 -Djavax.net.ssl.trustStore=/opt/zookeeper/serviceCA.ts
-Djavax.net.ssl.trustStorePassword=YzJhZjIxN2Q2ODQ4 -Dcom.sun.management.jmxremote.registry.ssl=true
-Dzookeeper.jmx.log4j.disable= -Djava.rmi.server.hostname=<hostname> org.apache.zookeeper.server.quorum.QuorumPeerMain
{code}
Is this behavior expected. 

 

 


> Zookeeper not working with enabling ssl and remote authentication
> -----------------------------------------------------------------
>
>                 Key: ZOOKEEPER-3516
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3516
>             Project: ZooKeeper
>          Issue Type: Bug
>          Components: jmx
>    Affects Versions: 3.4.8
>            Reporter: Rohit Singh
>            Priority: Major
>
>  
> {code:java}
> -Dcom.sun.management.jmxremote.authenticate=true -Dcom.sun.management.jmxremote.port=9992
-Dcom.sun.management.jmxremote.rmi.port=9993 -Dcom.sun.management.jmxremote.password.file=/zookeeper/zookeeper-3.4.8/conf/jmxremote-password
-Dcom.sun.management.jmxremote.access.file=/zookeeper/zookeeper-3.4.8/conf/jmxremote-access
-Dcom.sun.management.jmxremote.ssl=true -Djavax.net.ssl.keyStore=/opt/zookeeper/certificate.ks
-Djavax.net.ssl.keyStorePassword=YmM1NTkwZTVlZDg0 -Djavax.net.ssl.trustStore=/opt/zookeeper/serviceCA.ts
-Djavax.net.ssl.trustStorePassword=YmM1NTkwZTVlZDg0 -Dcom.sun.management.jmxremote.registry.ssl=true
-Dzookeeper.jmx.log4j.disable= -Djava.rmi.server.hostname=<hostname> org.apache.zookeeper.server.quorum.QuorumPeerMain
> {code}
> When zookeeper is brought with above options following error is seen
> {code:java}
> Error: Exception thrown by the agent : java.lang.IllegalArgumentException: Expected word
at end of line [readwrite ]
> {code}
> However when Dcom.sun.management.jmxremote.authenticate=false is set to false then zookeeper 
starts without any errors, but remote authentication is disabled and ssl works.
> {code:java}
> -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=9992
-Dcom.sun.management.jmxremote.rmi.port=9993 -Dcom.sun.management.jmxremote.password.file=/zookeeper/zookeeper-3.4.8/conf/jmxremote-password
-Dcom.sun.management.jmxremote.access.file=/zookeeper/zookeeper-3.4.8/conf/jmxremote-access
-Dcom.sun.management.jmxremote.ssl=true -Djavax.net.ssl.keyStore=/opt/zookeeper/certificate.ks
-Djavax.net.ssl.keyStorePassword=YzJhZjIxN2Q2ODQ4 -Djavax.net.ssl.trustStore=/opt/zookeeper/serviceCA.ts
-Djavax.net.ssl.trustStorePassword=YzJhZjIxN2Q2ODQ4 -Dcom.sun.management.jmxremote.registry.ssl=true
-Dzookeeper.jmx.log4j.disable= -Djava.rmi.server.hostname=<hostname> org.apache.zookeeper.server.quorum.QuorumPeerMain
> {code}
> Is this behavior expected. 
>  
>  



--
This message was sent by Atlassian Jira
(v8.3.2#803003)

Mime
View raw message