[OOZIE-2318] Provide better solution for specifying SSL truststore to Oozie Client - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: trunk
Fix Version/s: 4.3.0
Component/s: docs
Labels:
None

Description

When using a self-signed certificate, Java will not allow the Oozie CLI will not connect to the Oozie server without importing the cert into the JRE, as described in the docs here. This has a number of downsides.

Instead, we should get rid of that and replace it with directions on how to change where the Oozie CLI looks for the truststore:

export OOZIE_CLIENT_OPTS='-Djavax.net.ssl.trustStore=/path/to/oozie-truststore.jks -Djavax.net.ssl.trustStorePassword=password'

Along with directions on how to create the truststore from the keystore/cert.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

OOZIE-2318.001.patch
27/Aug/15 21:53
4 kB
Robert Kanter

Activity

People

Assignee:: Robert Kanter

Reporter:: Robert Kanter

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 28/Jul/15 00:20

Updated:: 02/Dec/16 21:02

Resolved:: 04/Sep/15 22:04