Uploaded image for project: 'Cookbooks'
  1. Cookbooks
  2. COOK-75

cdap-security.xml is missing properties when ssl is enabled

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Component/s: cdap
    • Labels:
      None
    • Rank:
      1|hzz1hz:

      Description

      When 'ssl.enabled' is true, the following properties need to be set in cdap-security.xml. The entire cdap-security.xml file was missing from /etc/cdap/conf.

      1. security.auth.server.ssl.keystore.path
      2. security.auth.server.ssl.keystore.password
      3. security.auth.server.ssl.keystore.keypassword
      4. router.ssl.keystore.path
      5. router.ssl.keystore.password
      6. router.ssl.keystore.keypassword
      7. dashboard.ssl.cert
      8. dashboard.ssl.key

      Note: the 4th, 5th, 7th, and 8th configurations were present in the cdap-site.xml.

      For more details about the cdap-security.xml file, see:
      http://docs.cdap.io/cdap/current/en/admin-manual/installation/security.html
      Specifically, "It should be owned and readable only by the CDAP user."

        Attachments

          Activity

            People

            • Assignee:
              chris Chris Gianelloni
              Reporter:
              ali.anwar Ali Anwar
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: