Uploaded image for project: 'Oozie'
  1. Oozie
  2. OOZIE-1881 Docs fixes
  3. OOZIE-2318

Provide better solution for specifying SSL truststore to Oozie Client

    XMLWordPrintableJSON

    Details

    • Type: Sub-task
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: trunk
    • Fix Version/s: 4.3.0
    • Component/s: docs
    • Labels:
      None

      Description

      When using a self-signed certificate, Java will not allow the Oozie CLI will not connect to the Oozie server without importing the cert into the JRE, as described in the docs here. This has a number of downsides.

      Instead, we should get rid of that and replace it with directions on how to change where the Oozie CLI looks for the truststore:

      export OOZIE_CLIENT_OPTS='-Djavax.net.ssl.trustStore=/path/to/oozie-truststore.jks -Djavax.net.ssl.trustStorePassword=password'
      

      Along with directions on how to create the truststore from the keystore/cert.

        Attachments

        1. OOZIE-2318.001.patch
          4 kB
          Robert Kanter

          Activity

            People

            • Assignee:
              rkanter Robert Kanter
              Reporter:
              rkanter Robert Kanter
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: