[jira] [Work logged] (HADOOP-17699) Remove hardcoded SunX509 usage from SSLFactory

Mon, 17 May 2021 11:14:21 -0700 


     [ 
https://issues.apache.org/jira/browse/HADOOP-17699?focusedWorklogId=597913&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-597913
 ]

ASF GitHub Bot logged work on HADOOP-17699:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 17/May/21 18:11
            Start Date: 17/May/21 18:11
    Worklog Time Spent: 10m 
      Work Description: hadoop-yetus commented on pull request #3016:
URL: https://github.com/apache/hadoop/pull/3016#issuecomment-841871270






-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 597913)
    Time Spent: 40m  (was: 0.5h)

> Remove hardcoded SunX509 usage from SSLFactory
> ----------------------------------------------
>
>                 Key: HADOOP-17699
>                 URL: https://issues.apache.org/jira/browse/HADOOP-17699
>             Project: Hadoop Common
>          Issue Type: Bug
>            Reporter: Xiaoyu Yao
>            Assignee: Xiaoyu Yao
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> In SSLFactory.SSLCERTIFICATE, used by FileBasedKeyStoresFactory and 
> ReloadingX509TrustManager, there is a hardcoded reference to "SunX509" which 
> is used to get a KeyManager/TrustManager. This KeyManager type might not be 
> available if using the other JSSE providers, e.g.,  in FIPS deployment.
>  
> {code:java}
> WARN org.apache.hadoop.hdfs.web.URLConnectionFactory: Cannot load customized 
> ssl related configuration. Fall
>  back to system-generic settings.
>  java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not 
> available
>  at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
>  at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:137)
>  at 
> org.apache.hadoop.security.ssl.FileBasedKeyStoresFactory.init(FileBasedKeyStoresFactory.java:186)
>  at org.apache.hadoop.security.ssl.SSLFactory.init(SSLFactory.java:187)
>  at 
> org.apache.hadoop.hdfs.web.SSLConnectionConfigurator.<init>(SSLConnectionConfigurator.java:50)
>  at 
> org.apache.hadoop.hdfs.web.URLConnectionFactory.getSSLConnectionConfiguration(URLConnectionFactory.java:100)
>  at 
> org.apache.hadoop.hdfs.web.URLConnectionFactory.newDefaultURLConnectionFactory(URLConnectionFactory.java:79)
> {code}
> This ticket is opened to use the DefaultAlgorithm defined by Java system 
> property: 
> ssl.KeyManagerFactory.algorithm and ssl.TrustManagerFactory.algorithm.
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org

Reply via email to