Uploaded image for project: 'Spark'
  1. Spark
  2. SPARK-35322

Unable to Connect to SSL enabled Oracle RDS Instance using pyspark with spark-submit cluster mode

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Not A Problem
    • 3.1.1
    • None
    • PySpark, Spark Submit
    • None

    Description

      We are not able to connect to SSL enabled Oracle RDS instance from pyspark in EMR.

      we have created the keystore file and placed in the EMR Master Node and using jdbc connection.

      The connectivity is not working when the executing spark-submit in master yarn and cluster deploy mode.

      The same keystore file is working fine with master local and client deploy mode.

       

      Getting the below error in yarn cluster mode:

      Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
      at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
      at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1709)
      at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:318)
      at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
      at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
      at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
      at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
      at sun.security.ssl.Handshaker$1.run(Handshaker.java:970)
      at sun.security.ssl.Handshaker$1.run(Handshaker.java:967)
      at java.security.AccessController.doPrivileged(Native Method)
      at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1459)
      at oracle.net.nt.SSLSocketChannel.runTasks(SSLSocketChannel.java:644)
      at oracle.net.nt.SSLSocketChannel.doSSLHandshake(SSLSocketChannel.java:436)
      ... 31 more
      Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
      at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:450)
      at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:317)
      at sun.security.validator.Validator.validate(Validator.java:262)
      at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:330)
      at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:289)
      at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:144)
      at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1626)
      ... 39 more
      Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
      at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
      at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
      at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
      at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:445)
      ... 45 more

      Attachments

        Activity

          People

            Unassigned Unassigned
            bhragus Bhragu
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: