Eric Yang created AMBARI-22009:
----------------------------------
Summary: Ambari Server and Agent communication does not verify SSL
certificates
Key: AMBARI-22009
URL: https://issues.apache.org/jira/browse/AMBARI-22009
Project: Ambari
Issue Type: Bug
Reporter: Eric Yang
This is a follow up to AMBARI-14149, where more system are showing inability to
establish connection between server and agent. In the latest OS update for
Python 2.7.5-58, it forces HttpsConnection api to verify certificate or set
context=ssl._create_unverified_context() flag. At some point,
context=ssl._create_unverified_context() will be flagged as security
vulnerability. Ambari server can created its own trusted certificates for both
server and clients to avoid setting unverified certificate flag. Agent
registration process can automate the certificate generation process for agents.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
