[jira] [Created] (HDDS-1976) Ozone manager init fails when certificate is missing in a kerberized cluster

[Vivek Ratnavel Subramanian (JIRA)]

Vivek Ratnavel Subramanian created HDDS-1976:
------------------------------------------------

             Summary: Ozone manager init fails when certificate is missing in a 
kerberized cluster
                 Key: HDDS-1976
                 URL: https://issues.apache.org/jira/browse/HDDS-1976
             Project: Hadoop Distributed Data Store
          Issue Type: Bug
          Components: Security
            Reporter: Vivek Ratnavel Subramanian
            Assignee: Anu Engineer


When Ozone Manager gets into a state where certificate is missing, it does not 
try to recover by creating a certificate.


{code:java}
3:30:48.620 PM INFO OzoneManager Initializing secure OzoneManager. 
3:30:49.788 PM INFO OMCertificateClient Loading certificate from 
location:/var/lib/hadoop-ozone/om/data/certs. 
3:30:49.896 PM INFO OMCertificateClient Added certificate from 
file:/var/lib/hadoop-ozone/om/data/certs/8136899895890.crt. 
3:30:49.904 PM INFO OMCertificateClient Added certificate from 
file:/var/lib/hadoop-ozone/om/data/certs/CA-1.crt. 
3:30:49.930 PM ERROR OMCertificateClient Default certificate serial id is not 
set. Can't locate the default certificate for this client. 
3:30:49.930 PM INFO OMCertificateClient Certificate client init case: 6 
3:30:49.932 PM INFO OMCertificateClient Found private and public key but 
certificate is missing. 
3:30:50.194 PM INFO OzoneManager Init response: RECOVER 
3:30:50.230 PM ERROR OzoneManager OM security initialization failed. OM 
certificate is missing.
{code}



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-dev-h...@hadoop.apache.org