[ https://issues.apache.org/jira/browse/RANGER-4776?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Peter Turcsanyi reassigned RANGER-4776: --------------------------------------- Assignee: Peter Turcsanyi > SolrAuditDestination should use local SSLContext instead of setting the > system-wide default > ------------------------------------------------------------------------------------------- > > Key: RANGER-4776 > URL: https://issues.apache.org/jira/browse/RANGER-4776 > Project: Ranger > Issue Type: Bug > Components: audit, plugins > Reporter: Peter Turcsanyi > Assignee: Peter Turcsanyi > Priority: Major > > SolrAuditDestination in Ranger Plugin connects to Solr via HTTPS. As part of > the SSL setup, [SolrAuditDestination overrides the system default > SSLContext|https://github.com/apache/ranger/blob/f3637ac0bb35b213cfed11e5ffe14d93268bc4fa/agents-audit/src/main/java/org/apache/ranger/audit/destination/SolrAuditDestination.java#L135] > with Ranger's keystore/truststore. > It has a side effect that other components in the embedding application > (within the same JVM) cannot use the original Java system truststore > (cacerts) by default. > The Solr HTTP client provides an option to set the SSL context locally (that > is for the Solr client only) instead of using the system-wide default and > this would be the preferred way to pass the SSL context in, without affecting > other components in the JVM. -- This message was sent by Atlassian Jira (v8.20.10#820010)