Repository: incubator-ranger Updated Branches: refs/heads/master c74dc64b6 -> 08a17bc5d
RANGER-1044: Removed Keystore/Truststore SSL password - Thanks to Jan Hentschel for the patch. Reviewed by coheigea. Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/08a17bc5 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/08a17bc5 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/08a17bc5 Branch: refs/heads/master Commit: 08a17bc5dcccd453dd652fe36b793bd0b9f99f64 Parents: c74dc64 Author: Jan Hentschel <jan.hentsc...@ultratendency.com> Authored: Wed Oct 19 17:29:05 2016 +0200 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Mon Oct 24 14:18:12 2016 +0100 ---------------------------------------------------------------------- agents-common/scripts/upgrade-plugin.py | 4 ---- .../apache/ranger/plugin/util/RangerRESTClient.java | 6 ++---- hbase-agent/conf/ranger-policymgr-ssl-changes.cfg | 2 -- hbase-agent/conf/ranger-policymgr-ssl.xml | 14 -------------- hdfs-agent/conf/ranger-policymgr-ssl-changes.cfg | 2 -- hdfs-agent/conf/ranger-policymgr-ssl.xml | 14 -------------- hive-agent/conf/ranger-policymgr-ssl-changes.cfg | 2 -- hive-agent/conf/ranger-policymgr-ssl.xml | 14 -------------- knox-agent/conf/ranger-policymgr-ssl-changes.cfg | 2 -- knox-agent/conf/ranger-policymgr-ssl.xml | 14 -------------- .../bin/import_ranger_to_ambari.py | 8 -------- .../bin/import_ranger_to_ambari.py | 16 ---------------- plugin-atlas/conf/ranger-policymgr-ssl-changes.cfg | 2 -- plugin-atlas/conf/ranger-policymgr-ssl.xml | 14 -------------- plugin-kafka/conf/ranger-policymgr-ssl-changes.cfg | 2 -- plugin-kafka/conf/ranger-policymgr-ssl.xml | 14 -------------- plugin-kms/conf/ranger-policymgr-ssl-changes.cfg | 2 -- plugin-kms/conf/ranger-policymgr-ssl.xml | 14 -------------- plugin-solr/conf/ranger-policymgr-ssl-changes.cfg | 2 -- plugin-solr/conf/ranger-policymgr-ssl.xml | 14 -------------- plugin-yarn/conf/ranger-policymgr-ssl-changes.cfg | 2 -- plugin-yarn/conf/ranger-policymgr-ssl.xml | 14 -------------- .../plugin-sampleapp/conf/ranger-policymgr-ssl.xml | 14 -------------- storm-agent/conf/ranger-policymgr-ssl-changes.cfg | 2 -- storm-agent/conf/ranger-policymgr-ssl.xml | 14 -------------- 25 files changed, 2 insertions(+), 206 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/agents-common/scripts/upgrade-plugin.py ---------------------------------------------------------------------- diff --git a/agents-common/scripts/upgrade-plugin.py b/agents-common/scripts/upgrade-plugin.py index 9c32dd1..fe7a11f 100755 --- a/agents-common/scripts/upgrade-plugin.py +++ b/agents-common/scripts/upgrade-plugin.py @@ -115,10 +115,6 @@ def rewriteConfig(props,newProps): # # Fix for KNOX ssl (missing) configuration # - if ('xasecure.policymgr.clientssl.keystore.password' not in props): - props['xasecure.policymgr.clientssl.keystore.password'] = 'none' - if ('xasecure.policymgr.clientssl.truststore.password' not in props): - props['xasecure.policymgr.clientssl.truststore.password'] = 'none' if ('xasecure.policymgr.clientssl.keystore.credential.file' not in props): props['xasecure.policymgr.clientssl.keystore.credential.file'] = 'jceks://file/tmp/keystore-' + serviceName + '-ssl.jceks' if ( 'xasecure.policymgr.clientssl.truststore.credential.file' not in props): http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java b/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java index 5218624..b093f5f 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java @@ -65,15 +65,13 @@ public class RangerRESTClient { public static final String RANGER_PROP_POLICYMGR_URL = "ranger.service.store.rest.url"; public static final String RANGER_PROP_POLICYMGR_SSLCONFIG_FILENAME = "ranger.service.store.rest.ssl.config.file"; - public static final String RANGER_POLICYMGR_CLIENT_KEY_FILE = "xasecure.policymgr.clientssl.keystore"; - public static final String RANGER_POLICYMGR_CLIENT_KEY_FILE_PASSWORD = "xasecure.policymgr.clientssl.keystore.password"; + public static final String RANGER_POLICYMGR_CLIENT_KEY_FILE = "xasecure.policymgr.clientssl.keystore"; public static final String RANGER_POLICYMGR_CLIENT_KEY_FILE_TYPE = "xasecure.policymgr.clientssl.keystore.type"; public static final String RANGER_POLICYMGR_CLIENT_KEY_FILE_CREDENTIAL = "xasecure.policymgr.clientssl.keystore.credential.file"; public static final String RANGER_POLICYMGR_CLIENT_KEY_FILE_CREDENTIAL_ALIAS = "sslKeyStore"; public static final String RANGER_POLICYMGR_CLIENT_KEY_FILE_TYPE_DEFAULT = "jks"; - public static final String RANGER_POLICYMGR_TRUSTSTORE_FILE = "xasecure.policymgr.clientssl.truststore"; - public static final String RANGER_POLICYMGR_TRUSTSTORE_FILE_PASSWORD = "xasecure.policymgr.clientssl.truststore.password"; + public static final String RANGER_POLICYMGR_TRUSTSTORE_FILE = "xasecure.policymgr.clientssl.truststore"; public static final String RANGER_POLICYMGR_TRUSTSTORE_FILE_TYPE = "xasecure.policymgr.clientssl.truststore.type"; public static final String RANGER_POLICYMGR_TRUSTSTORE_FILE_CREDENTIAL = "xasecure.policymgr.clientssl.truststore.credential.file"; public static final String RANGER_POLICYMGR_TRUSTSTORE_FILE_CREDENTIAL_ALIAS = "sslTrustStore"; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/hbase-agent/conf/ranger-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/hbase-agent/conf/ranger-policymgr-ssl-changes.cfg b/hbase-agent/conf/ranger-policymgr-ssl-changes.cfg index 6bf4265..4712649 100644 --- a/hbase-agent/conf/ranger-policymgr-ssl-changes.cfg +++ b/hbase-agent/conf/ranger-policymgr-ssl-changes.cfg @@ -16,8 +16,6 @@ # SSL Params # xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/hbase-agent/conf/ranger-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/hbase-agent/conf/ranger-policymgr-ssl.xml b/hbase-agent/conf/ranger-policymgr-ssl.xml index 964aac7..3baf772 100644 --- a/hbase-agent/conf/ranger-policymgr-ssl.xml +++ b/hbase-agent/conf/ranger-policymgr-ssl.xml @@ -26,26 +26,12 @@ </description> </property> <property> - <name>xasecure.policymgr.clientssl.keystore.password</name> - <value>none</value> - <description> - password for keystore - </description> - </property> - <property> <name>xasecure.policymgr.clientssl.truststore</name> <value>cacerts-xasecure.jks</value> <description> java truststore file </description> </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.password</name> - <value>none</value> - <description> - java truststore password - </description> - </property> <property> <name>xasecure.policymgr.clientssl.keystore.credential.file</name> <value>jceks://file/tmp/keystore-hadoopdev-ssl.jceks</value> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/hdfs-agent/conf/ranger-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/hdfs-agent/conf/ranger-policymgr-ssl-changes.cfg b/hdfs-agent/conf/ranger-policymgr-ssl-changes.cfg index 50915b2..97a9a8e 100644 --- a/hdfs-agent/conf/ranger-policymgr-ssl-changes.cfg +++ b/hdfs-agent/conf/ranger-policymgr-ssl-changes.cfg @@ -16,8 +16,6 @@ # SSL Params # xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/hdfs-agent/conf/ranger-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/hdfs-agent/conf/ranger-policymgr-ssl.xml b/hdfs-agent/conf/ranger-policymgr-ssl.xml index cd4a580..38c695b 100644 --- a/hdfs-agent/conf/ranger-policymgr-ssl.xml +++ b/hdfs-agent/conf/ranger-policymgr-ssl.xml @@ -26,13 +26,6 @@ </description> </property> <property> - <name>xasecure.policymgr.clientssl.keystore.password</name> - <value>none</value> - <description> - password for keystore - </description> - </property> - <property> <name>xasecure.policymgr.clientssl.truststore</name> <value>cacerts-xasecure.jks</value> <description> @@ -40,13 +33,6 @@ </description> </property> <property> - <name>xasecure.policymgr.clientssl.truststore.password</name> - <value>none</value> - <description> - java truststore password - </description> - </property> - <property> <name>xasecure.policymgr.clientssl.keystore.credential.file</name> <value>jceks://file/tmp/keystore-hadoopdev-ssl.jceks</value> <description> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/hive-agent/conf/ranger-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/hive-agent/conf/ranger-policymgr-ssl-changes.cfg b/hive-agent/conf/ranger-policymgr-ssl-changes.cfg index 6bf4265..4712649 100644 --- a/hive-agent/conf/ranger-policymgr-ssl-changes.cfg +++ b/hive-agent/conf/ranger-policymgr-ssl-changes.cfg @@ -16,8 +16,6 @@ # SSL Params # xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/hive-agent/conf/ranger-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/hive-agent/conf/ranger-policymgr-ssl.xml b/hive-agent/conf/ranger-policymgr-ssl.xml index 964aac7..3baf772 100644 --- a/hive-agent/conf/ranger-policymgr-ssl.xml +++ b/hive-agent/conf/ranger-policymgr-ssl.xml @@ -26,26 +26,12 @@ </description> </property> <property> - <name>xasecure.policymgr.clientssl.keystore.password</name> - <value>none</value> - <description> - password for keystore - </description> - </property> - <property> <name>xasecure.policymgr.clientssl.truststore</name> <value>cacerts-xasecure.jks</value> <description> java truststore file </description> </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.password</name> - <value>none</value> - <description> - java truststore password - </description> - </property> <property> <name>xasecure.policymgr.clientssl.keystore.credential.file</name> <value>jceks://file/tmp/keystore-hadoopdev-ssl.jceks</value> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/knox-agent/conf/ranger-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/knox-agent/conf/ranger-policymgr-ssl-changes.cfg b/knox-agent/conf/ranger-policymgr-ssl-changes.cfg index 50915b2..97a9a8e 100644 --- a/knox-agent/conf/ranger-policymgr-ssl-changes.cfg +++ b/knox-agent/conf/ranger-policymgr-ssl-changes.cfg @@ -16,8 +16,6 @@ # SSL Params # xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/knox-agent/conf/ranger-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/knox-agent/conf/ranger-policymgr-ssl.xml b/knox-agent/conf/ranger-policymgr-ssl.xml index 1020ec4..a0fdef8 100644 --- a/knox-agent/conf/ranger-policymgr-ssl.xml +++ b/knox-agent/conf/ranger-policymgr-ssl.xml @@ -26,13 +26,6 @@ </description> </property> <property> - <name>xasecure.policymgr.clientssl.keystore.password</name> - <value>none</value> - <description> - password for keystore - </description> - </property> - <property> <name>xasecure.policymgr.clientssl.truststore</name> <value>cacerts-xasecure.jks</value> <description> @@ -40,13 +33,6 @@ </description> </property> <property> - <name>xasecure.policymgr.clientssl.truststore.password</name> - <value>none</value> - <description> - java truststore password - </description> - </property> - <property> <name>xasecure.policymgr.clientssl.keystore.credential.file</name> <value>jceks://file/tmp/keystore-knoxdev-ssl.jceks</value> <description> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/migration-util/ambari2.0-hdp2.2-ranger0.40/bin/import_ranger_to_ambari.py ---------------------------------------------------------------------- diff --git a/migration-util/ambari2.0-hdp2.2-ranger0.40/bin/import_ranger_to_ambari.py b/migration-util/ambari2.0-hdp2.2-ranger0.40/bin/import_ranger_to_ambari.py index f2b70eb..615eb35 100755 --- a/migration-util/ambari2.0-hdp2.2-ranger0.40/bin/import_ranger_to_ambari.py +++ b/migration-util/ambari2.0-hdp2.2-ranger0.40/bin/import_ranger_to_ambari.py @@ -542,9 +542,7 @@ def port_ranger_hdfs_plugin_to_ambari(): 'xasecure.audit.hdfs.config.local.buffer.rollover.interval.seconds'] advanced_ranger_hdfs_plugin_properties['XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT'] = hdfs_plugin_install_properties['xasecure.audit.hdfs.config.local.archive.max.file.count'] advanced_ranger_hdfs_plugin_properties['SSL_KEYSTORE_FILE_PATH'] = hdfs_plugin_install_properties['xasecure.policymgr.clientssl.keystore'] - advanced_ranger_hdfs_plugin_properties['SSL_KEYSTORE_PASSWORD'] = hdfs_plugin_install_properties['xasecure.policymgr.clientssl.keystore.password'] advanced_ranger_hdfs_plugin_properties['SSL_TRUSTSTORE_FILE_PATH'] = hdfs_plugin_install_properties['xasecure.policymgr.clientssl.truststore'] - advanced_ranger_hdfs_plugin_properties['SSL_TRUSTSTORE_PASSWORD'] = hdfs_plugin_install_properties['xasecure.policymgr.clientssl.truststore.password'] date_time_stamp = getDateTimeNow() plugin_configuration_data = '[{"Clusters":{"desired_config":[{"type":"hdfs-site", "service_config_version_note": "Initial configuration for Ranger HDFS plugin" ,"tag":"' + str(date_time_stamp) + '","properties":' + str( @@ -623,9 +621,7 @@ def port_ranger_hive_plugin_to_ambari(): 'xasecure.audit.hdfs.config.local.buffer.rollover.interval.seconds'] advanced_ranger_hive_plugin_properties['XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT'] = hive_plugin_install_properties['xasecure.audit.hdfs.config.local.archive.max.file.count'] advanced_ranger_hive_plugin_properties['SSL_KEYSTORE_FILE_PATH'] = hive_plugin_install_properties['xasecure.policymgr.clientssl.keystore'] - advanced_ranger_hive_plugin_properties['SSL_KEYSTORE_PASSWORD'] = hive_plugin_install_properties['xasecure.policymgr.clientssl.keystore.password'] advanced_ranger_hive_plugin_properties['SSL_TRUSTSTORE_FILE_PATH'] = hive_plugin_install_properties['xasecure.policymgr.clientssl.truststore'] - advanced_ranger_hive_plugin_properties['SSL_TRUSTSTORE_PASSWORD'] = hive_plugin_install_properties['xasecure.policymgr.clientssl.truststore.password'] advanced_ranger_hive_plugin_properties['UPDATE_XAPOLICIES_ON_GRANT_REVOKE'] = hive_plugin_install_properties['xasecure.hive.update.xapolicies.on.grant.revoke'] date_time_stamp = getDateTimeNow() @@ -701,9 +697,7 @@ def port_ranger_hbase_plugin_to_ambari(): 'xasecure.audit.hdfs.config.local.buffer.rollover.interval.seconds'] advanced_ranger_hbase_plugin_properties['XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT'] = hbase_plugin_install_properties['xasecure.audit.hdfs.config.local.archive.max.file.count'] advanced_ranger_hbase_plugin_properties['SSL_KEYSTORE_FILE_PATH'] = hbase_plugin_install_properties['xasecure.policymgr.clientssl.keystore'] - advanced_ranger_hbase_plugin_properties['SSL_KEYSTORE_PASSWORD'] = hbase_plugin_install_properties['xasecure.policymgr.clientssl.keystore.password'] advanced_ranger_hbase_plugin_properties['SSL_TRUSTSTORE_FILE_PATH'] = hbase_plugin_install_properties['xasecure.policymgr.clientssl.truststore'] - advanced_ranger_hbase_plugin_properties['SSL_TRUSTSTORE_PASSWORD'] = hbase_plugin_install_properties['xasecure.policymgr.clientssl.truststore.password'] advanced_ranger_hbase_plugin_properties['UPDATE_XAPOLICIES_ON_GRANT_REVOKE'] = hbase_plugin_install_properties['xasecure.hbase.update.xapolicies.on.grant.revoke'] date_time_stamp = getDateTimeNow() @@ -868,9 +862,7 @@ def port_ranger_storm_plugin_to_ambari(): 'xasecure.audit.hdfs.config.local.buffer.rollover.interval.seconds'] advanced_ranger_storm_plugin_properties['XAAUDIT.HDFS.LOCAL_ARCHIVE_MAX_FILE_COUNT'] = storm_plugin_install_properties['xasecure.audit.hdfs.config.local.archive.max.file.count'] advanced_ranger_storm_plugin_properties['SSL_KEYSTORE_FILE_PATH'] = storm_plugin_install_properties['xasecure.policymgr.clientssl.keystore'] - advanced_ranger_storm_plugin_properties['SSL_KEYSTORE_PASSWORD'] = storm_plugin_install_properties['xasecure.policymgr.clientssl.keystore.password'] advanced_ranger_storm_plugin_properties['SSL_TRUSTSTORE_FILE_PATH'] = storm_plugin_install_properties['xasecure.policymgr.clientssl.truststore'] - advanced_ranger_storm_plugin_properties['SSL_TRUSTSTORE_PASSWORD'] = storm_plugin_install_properties['xasecure.policymgr.clientssl.truststore.password'] date_time_stamp = getDateTimeNow() plugin_configuration_data = '[{"Clusters":{"desired_config":[{"type": "ranger-storm-plugin-properties", "service_config_version_note": "Initial configuration for Ranger STORM plugin" ,"tag":"' + str(date_time_stamp) + '", "properties":' + json.dumps( http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/migration-util/ambari2.1-hdp2.3-ranger0.50/bin/import_ranger_to_ambari.py ---------------------------------------------------------------------- diff --git a/migration-util/ambari2.1-hdp2.3-ranger0.50/bin/import_ranger_to_ambari.py b/migration-util/ambari2.1-hdp2.3-ranger0.50/bin/import_ranger_to_ambari.py index d9238a0..e25b8ae 100755 --- a/migration-util/ambari2.1-hdp2.3-ranger0.50/bin/import_ranger_to_ambari.py +++ b/migration-util/ambari2.1-hdp2.3-ranger0.50/bin/import_ranger_to_ambari.py @@ -515,9 +515,7 @@ def add_advanced_ranger_kms_configurations(ranger_kms_properties_from_file): advanced_ranger_kms_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore'] = ranger_kms_properties_from_file.get('xasecure.policymgr.clientssl.keystore','/usr/hdp/current/ranger-kms/conf/ranger-plugin-keystore.jks') - advanced_ranger_kms_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore.password'] = ranger_kms_properties_from_file.get('xasecure.policymgr.clientssl.keystore.password','myKeyFilePassword') advanced_ranger_kms_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore'] = ranger_kms_properties_from_file.get('xasecure.policymgr.clientssl.truststore','/usr/hdp/current/ranger-kms/conf/ranger-plugin-truststore.jks') - advanced_ranger_kms_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore.password'] = ranger_kms_properties_from_file.get('xasecure.policymgr.clientssl.truststore.password','changeit') advanced_ranger_kms_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore.credential.file'] = ranger_kms_properties_from_file.get('xasecure.policymgr.clientssl.keystore.credential.file','jceks://file{{credential_file}}') advanced_ranger_kms_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore.credential.file'] = ranger_kms_properties_from_file.get('xasecure.policymgr.clientssl.truststore.credential.file','jceks://file{{credential_file}}') @@ -1052,9 +1050,7 @@ def port_ranger_hdfs_plugin_to_ambari(): advanced_ranger_hdfs_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore'] = hdfs_plugin_install_properties.get('xasecure.policymgr.clientssl.keystore','/usr/hdp/current/hadoop-client/conf/ranger-plugin-keystore.jks') - advanced_ranger_hdfs_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore.password'] = hdfs_plugin_install_properties.get('xasecure.policymgr.clientssl.keystore.password','myKeyFilePassword') advanced_ranger_hdfs_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore'] = hdfs_plugin_install_properties.get('xasecure.policymgr.clientssl.truststore','/usr/hdp/current/hadoop-client/conf/ranger-plugin-truststore.jks') - advanced_ranger_hdfs_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore.password'] = hdfs_plugin_install_properties.get('xasecure.policymgr.clientssl.truststore.password','changeit') advanced_ranger_hdfs_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore.credential.file'] = hdfs_plugin_install_properties.get('xasecure.policymgr.clientssl.keystore.credential.file','jceks://file{{credential_file}}') advanced_ranger_hdfs_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore.credential.file'] = hdfs_plugin_install_properties.get('xasecure.policymgr.clientssl.truststore.credential.file','jceks://file{{credential_file}}') @@ -1162,9 +1158,7 @@ def port_ranger_yarn_plugin_to_ambari(): advanced_ranger_yarn_audit_properties['xasecure.audit.provider.summary.enabled'] = yarn_plugin_installed_properties.get('xasecure.audit.provider.summary.enabled','false') advanced_ranger_yarn_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore'] = yarn_plugin_installed_properties.get('xasecure.policymgr.clientssl.keystore','/usr/hdp/current/hadoop-client/conf/ranger-yarn-plugin-keystore.jks') - advanced_ranger_yarn_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore.password'] = yarn_plugin_installed_properties.get('xasecure.policymgr.clientssl.keystore.password','myKeyFilePassword') advanced_ranger_yarn_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore'] = yarn_plugin_installed_properties.get('xasecure.policymgr.clientssl.truststore','/usr/hdp/current/hadoop-client/conf/ranger-yarn-plugin-truststore.jks') - advanced_ranger_yarn_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore.password'] = yarn_plugin_installed_properties.get('xasecure.policymgr.clientssl.truststore.password','changeit') advanced_ranger_yarn_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore.credential.file'] = yarn_plugin_installed_properties.get('xasecure.policymgr.clientssl.keystore.credential.file','jceks://file{{credential_file}}') advanced_ranger_yarn_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore.credential.file'] = yarn_plugin_installed_properties.get('xasecure.policymgr.clientssl.truststore.credential.file','jceks://file{{credential_file}}') @@ -1276,9 +1270,7 @@ def port_ranger_hive_plugin_to_ambari(): advanced_ranger_hive_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore'] = hive_plugin_install_properties.get('xasecure.policymgr.clientssl.keystore','/usr/hdp/current/hive-server2/conf/ranger-plugin-keystore.jks') - advanced_ranger_hive_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore.password'] = hive_plugin_install_properties.get('xasecure.policymgr.clientssl.keystore.password','myKeyFilePassword') advanced_ranger_hive_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore'] = hive_plugin_install_properties.get('xasecure.policymgr.clientssl.truststore','/usr/hdp/current/hive-server2/conf/ranger-plugin-truststore.jks') - advanced_ranger_hive_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore.password'] = hive_plugin_install_properties.get('xasecure.policymgr.clientssl.truststore.password','changeit') advanced_ranger_hive_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore.credential.file'] = hive_plugin_install_properties.get('xasecure.policymgr.clientssl.keystore.credential.file','jceks://file{{credential_file}}') advanced_ranger_hive_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore.credential.file'] = hive_plugin_install_properties.get('xasecure.policymgr.clientssl.truststore.credential.file','jceks://file{{credential_file}}') @@ -1401,9 +1393,7 @@ def port_ranger_hbase_plugin_to_ambari(): advanced_ranger_hbase_audit_properties['xasecure.audit.provider.summary.enabled'] = hbase_plugin_install_properties.get('xasecure.audit.provider.summary.enabled','true') advanced_ranger_hbase_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore'] = hbase_plugin_install_properties.get('xasecure.policymgr.clientssl.keystore','/usr/hdp/current/hbase-client/conf/ranger-plugin-keystore.jks') - advanced_ranger_hbase_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore.password'] = hbase_plugin_install_properties.get('xasecure.policymgr.clientssl.keystore.password','myKeyFilePassword') advanced_ranger_hbase_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore'] = hbase_plugin_install_properties.get('xasecure.policymgr.clientssl.truststore','/usr/hdp/current/hbase-client/conf/ranger-plugin-truststore.jks') - advanced_ranger_hbase_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore.password'] = hbase_plugin_install_properties.get('xasecure.policymgr.clientssl.truststore.password','changeit') advanced_ranger_hbase_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore.credential.file'] = hbase_plugin_install_properties.get('xasecure.policymgr.clientssl.keystore.credential.file','jceks://file{{credential_file}}') advanced_ranger_hbase_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore.credential.file'] = hbase_plugin_install_properties.get('xasecure.policymgr.clientssl.truststore.credential.file','jceks://file{{credential_file}}') @@ -1509,9 +1499,7 @@ def port_ranger_knox_plugin_to_ambari(): advanced_ranger_knox_audit_properties['xasecure.audit.provider.summary.enabled'] = knox_plugin_install_properties.get('xasecure.audit.provider.summary.enabled','false') advanced_ranger_knox_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore'] = knox_plugin_install_properties.get('xasecure.policymgr.clientssl.keystore','/usr/hdp/current/knox-server/conf/ranger-plugin-keystore.jks') - advanced_ranger_knox_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore.password'] = knox_plugin_install_properties.get('xasecure.policymgr.clientssl.keystore.password','myKeyFilePassword') advanced_ranger_knox_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore'] = knox_plugin_install_properties.get('xasecure.policymgr.clientssl.truststore','/usr/hdp/current/knox-server/conf/ranger-plugin-truststore.jks') - advanced_ranger_knox_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore.password'] = knox_plugin_install_properties.get('xasecure.policymgr.clientssl.truststore.password','changeit') advanced_ranger_knox_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore.credential.file'] = knox_plugin_install_properties.get('xasecure.policymgr.clientssl.keystore.credential.file','jceks://file{{credential_file}}') advanced_ranger_knox_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore.credential.file'] = knox_plugin_install_properties.get('xasecure.policymgr.clientssl.truststore.credential.file','jceks://file{{credential_file}}') @@ -1614,9 +1602,7 @@ def port_ranger_storm_plugin_to_ambari(): advanced_ranger_storm_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore'] = storm_plugin_install_properties.get('xasecure.policymgr.clientssl.keystore','/usr/hdp/current/storm-client/conf/ranger-plugin-keystore.jks') - advanced_ranger_storm_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore.password'] = storm_plugin_install_properties.get('xasecure.policymgr.clientssl.keystore.password','myKeyFilePassword') advanced_ranger_storm_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore'] = storm_plugin_install_properties.get('xasecure.policymgr.clientssl.truststore','/usr/hdp/current/storm-client/conf/ranger-plugin-truststore.jks') - advanced_ranger_storm_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore.password'] = storm_plugin_install_properties.get('xasecure.policymgr.clientssl.truststore.password','changeit') advanced_ranger_storm_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore.credential.file'] = storm_plugin_install_properties.get('xasecure.policymgr.clientssl.keystore.credential.file','jceks://file{{credential_file}}') advanced_ranger_storm_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore.credential.file'] = storm_plugin_install_properties.get('xasecure.policymgr.clientssl.truststore.credential.file','jceks://file{{credential_file}}') @@ -1724,9 +1710,7 @@ def port_ranger_kafka_plugin_to_ambari(): advanced_ranger_kafka_audit_properties['xasecure.audit.provider.summary.enabled'] = kafka_plugin_installed_properties.get('xasecure.audit.db.is.enabled','true') advanced_ranger_kafka_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore'] = kafka_plugin_installed_properties.get('xasecure.policymgr.clientssl.keystore','/usr/hdp/current/kafka-broker/config/ranger-plugin-keystore.jks') - advanced_ranger_kafka_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore.password'] = kafka_plugin_installed_properties.get('xasecure.policymgr.clientssl.keystore.password','myKeyFilePassword') advanced_ranger_kafka_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore'] = kafka_plugin_installed_properties.get('xasecure.policymgr.clientssl.truststore','/usr/hdp/current/kafka-broker/config/ranger-plugin-truststore.jks') - advanced_ranger_kafka_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore.password'] = kafka_plugin_installed_properties.get('xasecure.policymgr.clientssl.truststore.password','changeit') advanced_ranger_kafka_policymgr_ssl_properties['xasecure.policymgr.clientssl.keystore.credential.file'] = kafka_plugin_installed_properties.get('xasecure.policymgr.clientssl.keystore.credential.file','jceks://file/{{credential_file}}') advanced_ranger_kafka_policymgr_ssl_properties['xasecure.policymgr.clientssl.truststore.credential.file'] = kafka_plugin_installed_properties.get('xasecure.policymgr.clientssl.truststore.credential.file','jceks://file/{{credential_file}}') http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/plugin-atlas/conf/ranger-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/plugin-atlas/conf/ranger-policymgr-ssl-changes.cfg b/plugin-atlas/conf/ranger-policymgr-ssl-changes.cfg index 6bf4265..4712649 100644 --- a/plugin-atlas/conf/ranger-policymgr-ssl-changes.cfg +++ b/plugin-atlas/conf/ranger-policymgr-ssl-changes.cfg @@ -16,8 +16,6 @@ # SSL Params # xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/plugin-atlas/conf/ranger-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/plugin-atlas/conf/ranger-policymgr-ssl.xml b/plugin-atlas/conf/ranger-policymgr-ssl.xml index 964aac7..3baf772 100644 --- a/plugin-atlas/conf/ranger-policymgr-ssl.xml +++ b/plugin-atlas/conf/ranger-policymgr-ssl.xml @@ -26,26 +26,12 @@ </description> </property> <property> - <name>xasecure.policymgr.clientssl.keystore.password</name> - <value>none</value> - <description> - password for keystore - </description> - </property> - <property> <name>xasecure.policymgr.clientssl.truststore</name> <value>cacerts-xasecure.jks</value> <description> java truststore file </description> </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.password</name> - <value>none</value> - <description> - java truststore password - </description> - </property> <property> <name>xasecure.policymgr.clientssl.keystore.credential.file</name> <value>jceks://file/tmp/keystore-hadoopdev-ssl.jceks</value> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/plugin-kafka/conf/ranger-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/plugin-kafka/conf/ranger-policymgr-ssl-changes.cfg b/plugin-kafka/conf/ranger-policymgr-ssl-changes.cfg index ec4eeab..2d41392 100644 --- a/plugin-kafka/conf/ranger-policymgr-ssl-changes.cfg +++ b/plugin-kafka/conf/ranger-policymgr-ssl-changes.cfg @@ -16,8 +16,6 @@ # SSL Params # xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/plugin-kafka/conf/ranger-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/plugin-kafka/conf/ranger-policymgr-ssl.xml b/plugin-kafka/conf/ranger-policymgr-ssl.xml index e80f1c3..a765a85 100644 --- a/plugin-kafka/conf/ranger-policymgr-ssl.xml +++ b/plugin-kafka/conf/ranger-policymgr-ssl.xml @@ -26,26 +26,12 @@ </description> </property> <property> - <name>xasecure.policymgr.clientssl.keystore.password</name> - <value>none</value> - <description> - password for keystore - </description> - </property> - <property> <name>xasecure.policymgr.clientssl.truststore</name> <value>cacerts-xasecure.jks</value> <description> java truststore file </description> </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.password</name> - <value>none</value> - <description> - java truststore password - </description> - </property> <property> <name>xasecure.policymgr.clientssl.keystore.credential.file</name> <value>jceks://file/tmp/keystore-kafkadev-ssl.jceks</value> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/plugin-kms/conf/ranger-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/plugin-kms/conf/ranger-policymgr-ssl-changes.cfg b/plugin-kms/conf/ranger-policymgr-ssl-changes.cfg index 6bf4265..4712649 100644 --- a/plugin-kms/conf/ranger-policymgr-ssl-changes.cfg +++ b/plugin-kms/conf/ranger-policymgr-ssl-changes.cfg @@ -16,8 +16,6 @@ # SSL Params # xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/plugin-kms/conf/ranger-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/plugin-kms/conf/ranger-policymgr-ssl.xml b/plugin-kms/conf/ranger-policymgr-ssl.xml index 6a9593f..952d548 100755 --- a/plugin-kms/conf/ranger-policymgr-ssl.xml +++ b/plugin-kms/conf/ranger-policymgr-ssl.xml @@ -26,26 +26,12 @@ </description> </property> <property> - <name>xasecure.policymgr.clientssl.keystore.password</name> - <value>none</value> - <description> - password for keystore - </description> - </property> - <property> <name>xasecure.policymgr.clientssl.truststore</name> <value>cacerts-xasecure.jks</value> <description> java truststore file </description> </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.password</name> - <value>none</value> - <description> - java truststore password - </description> - </property> <property> <name>xasecure.policymgr.clientssl.keystore.credential.file</name> <value>jceks://file/tmp/keystore-kmsdev-ssl.jceks</value> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/plugin-solr/conf/ranger-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/plugin-solr/conf/ranger-policymgr-ssl-changes.cfg b/plugin-solr/conf/ranger-policymgr-ssl-changes.cfg index ec4eeab..2d41392 100644 --- a/plugin-solr/conf/ranger-policymgr-ssl-changes.cfg +++ b/plugin-solr/conf/ranger-policymgr-ssl-changes.cfg @@ -16,8 +16,6 @@ # SSL Params # xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/plugin-solr/conf/ranger-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/plugin-solr/conf/ranger-policymgr-ssl.xml b/plugin-solr/conf/ranger-policymgr-ssl.xml index dcadc52..8e1b130 100644 --- a/plugin-solr/conf/ranger-policymgr-ssl.xml +++ b/plugin-solr/conf/ranger-policymgr-ssl.xml @@ -26,26 +26,12 @@ </description> </property> <property> - <name>xasecure.policymgr.clientssl.keystore.password</name> - <value>none</value> - <description> - password for keystore - </description> - </property> - <property> <name>xasecure.policymgr.clientssl.truststore</name> <value>cacerts-xasecure.jks</value> <description> java truststore file </description> </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.password</name> - <value>none</value> - <description> - java truststore password - </description> - </property> <property> <name>xasecure.policymgr.clientssl.keystore.credential.file</name> <value>jceks://file/tmp/keystore-solrdev-ssl.jceks</value> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/plugin-yarn/conf/ranger-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/plugin-yarn/conf/ranger-policymgr-ssl-changes.cfg b/plugin-yarn/conf/ranger-policymgr-ssl-changes.cfg index ec4eeab..2d41392 100644 --- a/plugin-yarn/conf/ranger-policymgr-ssl-changes.cfg +++ b/plugin-yarn/conf/ranger-policymgr-ssl-changes.cfg @@ -16,8 +16,6 @@ # SSL Params # xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/plugin-yarn/conf/ranger-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/plugin-yarn/conf/ranger-policymgr-ssl.xml b/plugin-yarn/conf/ranger-policymgr-ssl.xml index 964aac7..3baf772 100644 --- a/plugin-yarn/conf/ranger-policymgr-ssl.xml +++ b/plugin-yarn/conf/ranger-policymgr-ssl.xml @@ -26,26 +26,12 @@ </description> </property> <property> - <name>xasecure.policymgr.clientssl.keystore.password</name> - <value>none</value> - <description> - password for keystore - </description> - </property> - <property> <name>xasecure.policymgr.clientssl.truststore</name> <value>cacerts-xasecure.jks</value> <description> java truststore file </description> </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.password</name> - <value>none</value> - <description> - java truststore password - </description> - </property> <property> <name>xasecure.policymgr.clientssl.keystore.credential.file</name> <value>jceks://file/tmp/keystore-hadoopdev-ssl.jceks</value> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/ranger-examples/plugin-sampleapp/conf/ranger-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/ranger-examples/plugin-sampleapp/conf/ranger-policymgr-ssl.xml b/ranger-examples/plugin-sampleapp/conf/ranger-policymgr-ssl.xml index 964aac7..3baf772 100644 --- a/ranger-examples/plugin-sampleapp/conf/ranger-policymgr-ssl.xml +++ b/ranger-examples/plugin-sampleapp/conf/ranger-policymgr-ssl.xml @@ -26,26 +26,12 @@ </description> </property> <property> - <name>xasecure.policymgr.clientssl.keystore.password</name> - <value>none</value> - <description> - password for keystore - </description> - </property> - <property> <name>xasecure.policymgr.clientssl.truststore</name> <value>cacerts-xasecure.jks</value> <description> java truststore file </description> </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.password</name> - <value>none</value> - <description> - java truststore password - </description> - </property> <property> <name>xasecure.policymgr.clientssl.keystore.credential.file</name> <value>jceks://file/tmp/keystore-hadoopdev-ssl.jceks</value> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/storm-agent/conf/ranger-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/storm-agent/conf/ranger-policymgr-ssl-changes.cfg b/storm-agent/conf/ranger-policymgr-ssl-changes.cfg index 6bf4265..4712649 100644 --- a/storm-agent/conf/ranger-policymgr-ssl-changes.cfg +++ b/storm-agent/conf/ranger-policymgr-ssl-changes.cfg @@ -16,8 +16,6 @@ # SSL Params # xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/08a17bc5/storm-agent/conf/ranger-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/storm-agent/conf/ranger-policymgr-ssl.xml b/storm-agent/conf/ranger-policymgr-ssl.xml index 964aac7..3baf772 100644 --- a/storm-agent/conf/ranger-policymgr-ssl.xml +++ b/storm-agent/conf/ranger-policymgr-ssl.xml @@ -26,26 +26,12 @@ </description> </property> <property> - <name>xasecure.policymgr.clientssl.keystore.password</name> - <value>none</value> - <description> - password for keystore - </description> - </property> - <property> <name>xasecure.policymgr.clientssl.truststore</name> <value>cacerts-xasecure.jks</value> <description> java truststore file </description> </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.password</name> - <value>none</value> - <description> - java truststore password - </description> - </property> <property> <name>xasecure.policymgr.clientssl.keystore.credential.file</name> <value>jceks://file/tmp/keystore-hadoopdev-ssl.jceks</value>