[jira] [Updated] (AMBARI-11938) Namenode log contains:javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate

Tom Beerbower (JIRA) Mon, 15 Jun 2015 16:57:53 -0700

     [ 
https://issues.apache.org/jira/browse/AMBARI-11938?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Tom Beerbower updated AMBARI-11938:
-----------------------------------
    Description: 
The following is being reported in the namenode logs on a cluster with wire 
encryption enabled.

{code}
2015-06-05 23:00:17,702 WARN  mortbay.log (Slf4jLog.java:warn(89)) - EXCEPTION 
javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
        at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
        at 
sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
        at 
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
        at 
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
        at 
org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:723)
        at 
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
{code}


Ambari JMX alert checks on a kerberized cluster are polling with curl.  The 
curl call should use -k to ignore checking the server's certificates.


  was:
Ambari JMX alert checks on a kerberized cluster are polling with curl.  The 
curl call should use -k to ignore checking the server's certificates.



> Namenode log contains:javax.net.ssl.SSLHandshakeException: Received fatal 
> alert: bad_certificate
> ------------------------------------------------------------------------------------------------
>
>                 Key: AMBARI-11938
>                 URL: https://issues.apache.org/jira/browse/AMBARI-11938
>             Project: Ambari
>          Issue Type: Bug
>            Reporter: Tom Beerbower
>            Assignee: Tom Beerbower
>             Fix For: 2.1.0
>
>
> The following is being reported in the namenode logs on a cluster with wire 
> encryption enabled.
> {code}
> 2015-06-05 23:00:17,702 WARN  mortbay.log (Slf4jLog.java:warn(89)) - 
> EXCEPTION 
> javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
>       at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
>       at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
>       at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1979)
>       at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1086)
>       at 
> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
>       at 
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
>       at 
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
>       at 
> org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:723)
>       at 
> org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
> {code}
> Ambari JMX alert checks on a kerberized cluster are polling with curl.  The 
> curl call should use -k to ignore checking the server's certificates.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (AMBARI-11938) Namenode log contains:javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate

Reply via email to