to create new topics or reply. | New User Registration


This topic contains 4 replies, has 3 voices, and was last updated by  Timothee Gautheron 1 year, 3 months ago.

  • Creator
  • #50496

    Timothee Gautheron

    Hello HDP community,

    i am currently working on building a secure Hadoop platform. My goal is to set up all security measures we know about in the hadoop world.
    So after a fresh install of HDP-2.0.6 with ambari, i stopped all services, spawned a Kerberos KDC, followed all steps to secure the HDFS service (for the first step in security). Everything is fine, my HDFS service (1 NN, 1 SecondNN, and 10 DN) is running with KDC auth, and i’m happy with it. To complete the security around HDFS, i wanted to configure HTTPS for the webUI , then 1way SSL and then 2ways SSL.
    But unfortunately, i’m stuck with the UI and cannot start the hdfs service with ssl enabled.
    I will describe the changes in configuration i made :

    core-site.xml :
    hadoop.ssl.enabled = true

    hdfs-site.xml :
    dfs.client.https.need-auth = false
    dfs.https.enable = true

    That’s all. everything else is default conf or working conf with kerberos enabled.

    Of course, on all my nodes working the hdfs service, i put the ssl-server.xml file with the appropriate configuration (jks store, location and password). The store file is also on my nodes.

    However, on service start, i get this error on every nodes :
    2014-03-24 10:50:50,516 WARN mortbay.log (Slf4jLog.java:warn(76)) – java.lang.NullPointerException
    2014-03-24 10:50:50,516 WARN mortbay.log (Slf4jLog.java:warn(76)) – failed SslSocketConnector@namenode.cluster.hdp:50470: java.io.IOException: !JsseListener: java.lang.NullPointerException
    2014-03-24 10:50:50,516 WARN mortbay.log (Slf4jLog.java:warn(76)) – failed Server@3e5b38d7: java.io.IOException: !JsseListener: java.lang.NullPointerException
    2014-03-24 10:50:50,517 INFO http.HttpServer (HttpServer.java:start(690)) – HttpServer.start() threw a non Bind IOException
    java.io.IOException: !JsseListener: java.lang.NullPointerException

    I have crawled the web to find an answer but i’m stuck here. Do you guys have any ideas ? Thanks a lot !

Viewing 4 replies - 1 through 4 (of 4 total)

You must be to reply to this topic. | Create Account

  • Author
  • #51258

    Timothee Gautheron

    I may be wrong about that, but as i’m setting first a 1-way ssl, I just need the ssl-server.xml configured to have it running. Then in a second time, the ssl-client.xml will help me achieve a 2-way.

    Here is my ssl-server.xml : http://pastebin.com/zVzQQDUB

    To generate the keystore and truststore i followed this page : http://docs.continuent.com/continuent-tungsten-2.0/deployment-ssl-stores.html


    Haohui Mai

    It looks like that you have not configured the keystore / truststore in ssl-server.xml / ssl-client.xml. Can you post the two configuration files as well?


    Timothee Gautheron

    You will find the complete startup sequence logs from one of my datanodes here : http://pastebin.com/a9F6gYpQ

    Here , http://pastebin.com/UxY62f6M , you will find the entire logs of the namenode startup sequence.


    Vinay Shukla


    Can you post the entire exception stacktrace?


Viewing 4 replies - 1 through 4 (of 4 total)
Hortonworks Data Platform
The Hortonworks Data Platform is a 100% open source distribution of Apache Hadoop that is truly enterprise grade having been built, tested and hardened with enterprise rigor.
Get started with Sandbox
Hortonworks Sandbox is a self-contained virtual machine with Apache Hadoop pre-configured alongside a set of hands-on, step-by-step Hadoop tutorials.
Modern Data Architecture
Tackle the challenges of big data. Hadoop integrates with existing EDW, RDBMS and MPP systems to deliver lower cost, higher capacity infrastructure.