-
Type:
Bug
-
Status: Resolved
-
Priority:
Major
-
Resolution: Fixed
-
Component/s: cdap
-
Labels:None
-
Rank:1|hzz1hz:
When 'ssl.enabled' is true, the following properties need to be set in cdap-security.xml. The entire cdap-security.xml file was missing from /etc/cdap/conf.
1. security.auth.server.ssl.keystore.path
2. security.auth.server.ssl.keystore.password
3. security.auth.server.ssl.keystore.keypassword
4. router.ssl.keystore.path
5. router.ssl.keystore.password
6. router.ssl.keystore.keypassword
7. dashboard.ssl.cert
8. dashboard.ssl.key
Note: the 4th, 5th, 7th, and 8th configurations were present in the cdap-site.xml.
For more details about the cdap-security.xml file, see:
http://docs.cdap.io/cdap/current/en/admin-manual/installation/security.html
Specifically, "It should be owned and readable only by the CDAP user."