[ https://issues.apache.org/jira/browse/HDFS-1023?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jakob Homan updated HDFS-1023: ------------------------------ Attachment: HDFS-1023-trunk.patch Trunk patch, straight forward port of Y20 version. Updates smooshed into this patch. No unit tests possible... manually tested on Y! clusters. > Allow http server to start as regular principal if https principal not > defined. > ------------------------------------------------------------------------------- > > Key: HDFS-1023 > URL: https://issues.apache.org/jira/browse/HDFS-1023 > Project: Hadoop HDFS > Issue Type: Improvement > Affects Versions: 0.22.0 > Reporter: Jakob Homan > Assignee: Jakob Homan > Fix For: 0.22.0 > > Attachments: HADOOP-1023-Y20-1.patch, HDFS-1023-trunk.patch, > HDFS-1023-Y20-Update-2.patch, HDFS-1023-Y20-Update.patch, HDFS-1023-Y20.patch > > > Currently limitations in Sun's KerbSSL implementation require the https > server to be run as "host/[machi...@realm." and another Sun KerbSSL > limitation appears to require you to store all principals in the same keytab, > meaning fully functional, secured Namenodes require combined keytabs. > However, it may be that one wishes to run a namenode without a secondary > namenode or other utilities that require https. In this case, we should > allow the http server to start and log a warning that it will not be able to > accept https connections. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.