----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/35481/ -----------------------------------------------------------
Review request for Ambari, Jonathan Hurley and Robert Levas. Bugs: AMBARI-11938 https://issues.apache.org/jira/browse/AMBARI-11938 Repository: ambari Description ------- The following is being reported in the namenode logs on a cluster with wire encryption enabled. 2015-06-05 23:00:17,702 WARN mortbay.log (Slf4jLog.java:warn(89)) - EXCEPTION javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343) at org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:723) at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582) Ambari JMX alert checks on a kerberized cluster are polling with curl. The curl call should use -k to ignore checking the server's certificates. Diffs ----- ambari-common/src/main/python/resource_management/libraries/functions/curl_krb_request.py 5e7f795 Diff: https://reviews.apache.org/r/35481/diff/ Testing ------- Manual tested on wire encryption enabled cluster. Verfied that exception does not reproduce with fix. mvn clean test all pass Thanks, Tom Beerbower