Uploaded image for project: 'Spark'
  1. Spark
  2. SPARK-35322

Unable to Connect to SSL enabled Oracle RDS Instance using pyspark with spark-submit cluster mode

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Not A Problem
    • Affects Version/s: 3.1.1
    • Fix Version/s: None
    • Component/s: PySpark, Spark Submit
    • Labels:
      None

      Description

      We are not able to connect to SSL enabled Oracle RDS instance from pyspark in EMR.

      we have created the keystore file and placed in the EMR Master Node and using jdbc connection.

      The connectivity is not working when the executing spark-submit in master yarn and cluster deploy mode.

      The same keystore file is working fine with master local and client deploy mode.

       

      Getting the below error in yarn cluster mode:

      Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
      at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
      at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1709)
      at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:318)
      at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
      at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
      at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
      at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
      at sun.security.ssl.Handshaker$1.run(Handshaker.java:970)
      at sun.security.ssl.Handshaker$1.run(Handshaker.java:967)
      at java.security.AccessController.doPrivileged(Native Method)
      at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1459)
      at oracle.net.nt.SSLSocketChannel.runTasks(SSLSocketChannel.java:644)
      at oracle.net.nt.SSLSocketChannel.doSSLHandshake(SSLSocketChannel.java:436)
      ... 31 more
      Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
      at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:450)
      at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:317)
      at sun.security.validator.Validator.validate(Validator.java:262)
      at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:330)
      at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:289)
      at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:144)
      at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1626)
      ... 39 more
      Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
      at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
      at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
      at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
      at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:445)
      ... 45 more

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              bhragus Bhragu
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: