Re: Issues with usersync (LDAPS certificate not validated)

And yes i have already added the certificate to JAVA trust store by using following method cp /etc/alternatives/java_sdk_1.7.0/jre/lib/security/cacerts /usr/hdp/2 .2.0.0-2036/ranger-usersync/userSyncCAcerts keytool -import -trustcacerts -alias openLdap -file cert.pem -keystore /usr/hdp/2.2.0.0-2

Re: Issues with usersync (LDAPS certificate not validated)

Thanks Neethiraj, I tried above solution but it still gives following logs 07 Oct 2015 01:50:35 INFO UnixAuthenticationService [main] - Starting User Sync Service! 07 Oct 2015 01:50:35 INFO UnixAuthenticationService [main] - Enabling Unix Auth Service! 07 Oct 2015 01:50:35 INFO UserGroupSync [

Re: Issues with usersync (LDAPS certificate not validated)

Thanks Aneela, This indicates to me that you are using a self-signed certificate ( i:/C=PK/ST=Punjab/O=platalytics/OU=platform/CN=example.com ) for the ldap server. Is this certificate added to the Java truststore file (${JAVA_HOME}/jre/lib/security/cacerts) ? If that is a

[DISCUSS] Tag-based policies implementation

All, Apache Ranger enhancements to support tag-based policies (RANGER-274) is available in tag-policy branch. An overview of the implementation, along with couple of usecases example, is available in Apache wiki page here. Please review. In addition, the tag-policy branch has policy model enha

Re: Issues with usersync (LDAPS certificate not validated)

Hi Neethiraj, Following is the output of above command. Sorry i have changed domain name to now example.com CONNECTED(0003) depth=0 C = PK, ST = Punjab, L = lahore, O = platalytics, OU = platform, CN = example.com verify error:num=20:unable to get local issuer certificate verify return:1 dep