-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/35481/
-----------------------------------------------------------
Review request for Ambari, Jonathan Hurley and Robert Levas.
Bugs: AMBARI-11938
https://issues.apache.org/jira/browse/AMBARI-11938
Repository: ambari
Description
-------
The following is being reported in the namenode logs on a cluster with wire
encryption enabled.
2015-06-05 23:00:17,702 WARN mortbay.log (Slf4jLog.java:warn(89)) -
EXCEPTION
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
at
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
at
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
at
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
at
org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:723)
at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
Ambari JMX alert checks on a kerberized cluster are polling with curl. The
curl call should use -k to ignore checking the server's certificates.
Diffs
-----
ambari-common/src/main/python/resource_management/libraries/functions/curl_krb_request.py
5e7f795
Diff: https://reviews.apache.org/r/35481/diff/
Testing
-------
Manual tested on wire encryption enabled cluster. Verfied that exception does
not reproduce with fix.
mvn clean test
all pass
Thanks,
Tom Beerbower
