Description
SolrAuditDestination in Ranger Plugin connects to Solr via HTTPS. As part of the SSL setup, SolrAuditDestination overrides the system default SSLContext with Ranger's keystore/truststore.
It has a side effect that other components in the embedding application (within the same JVM) cannot use the original Java system truststore (cacerts) by default.
The Solr HTTP client provides an option to set the SSL context locally (that is for the Solr client only) instead of using the system-wide default and this would be the preferred way to pass the SSL context in, without affecting other components in the JVM.
Attachments
Issue Links
- relates to
-
RANGER-2567 Ranger fails to connect wired Solr
-
- Resolved
-