Uploaded image for project: 'Oozie'
  1. Oozie
  2. OOZIE-3674

Add a --insecure like parameter to Oozie client so it can ignore certificate errors

    XMLWordPrintableJSON

Details

    • Task
    • Status: Resolved
    • Major
    • Resolution: Done
    • 5.2.1
    • 5.3.0
    • client
    • None

    Description

      Currently when SSL is enabled you need to pass the -Djavax.net.ssl.trustStore and -Djavax.net.ssl.trustStorePassword system properties to the Oozie client or you need to import the certificate into the JDK's cert store otherwise Oozie client won't be able to connect to the Oozie server. Always passing these variables is very inconvenient, and another solution might be to allow certificate errors in the client. This would be like the curl --insecure option. The data would still be encrypted, but the client would not check the certificate. This should not be turned on by default in the Oozie client, but this could be a new command line parameter.

      Attachments

        1. OOZIE-3674-001.patch
          37 kB
          János Makai
        2. OOZIE-3674-002.patch
          40 kB
          János Makai
        3. OOZIE-3674-003.patch
          40 kB
          János Makai
        4. OOZIE-3674-004.patch
          39 kB
          János Makai
        5. OOZIE-3674-005.patch
          42 kB
          János Makai
        6. OOZIE-3674-006.patch
          42 kB
          János Makai
        7. OOZIE-3674-007.patch
          42 kB
          János Makai

        Activity

          People

            jmakai János Makai
            jmakai János Makai
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: