找不到 hdfs fsck / 命令的可信证书
No trusted certificate found for hdfs fsck / command
我在 windows 中配置了使用 kerberos 保护的 hadoop-2.6.0。一切正常。但是当我执行下面的命令时
hdfs fsck /
我遇到以下异常。
异常
>
Connecting to namenode via https://hostname:50470
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.val
idator.ValidatorException: No trusted certificate found
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.
java:1341)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.jav
a:153)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.
java:1312)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339
)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323
)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLCon
nectionImpl.java:153)
at org.apache.hadoop.security.authentication.client.KerberosAuthenticato
r.authenticate(KerberosAuthenticator.java:186)
at org.apache.hadoop.security.authentication.client.AuthenticatedURL.ope
nConnection(AuthenticatedURL.java:216)
at org.apache.hadoop.hdfs.web.URLConnectionFactory.openConnection(URLCon
nectionFactory.java:164)
at org.apache.hadoop.hdfs.tools.DFSck.doWork(DFSck.java:303)
at org.apache.hadoop.hdfs.tools.DFSck.access[=12=]0(DFSck.java:72)
at org.apache.hadoop.hdfs.tools.DFSck.run(DFSck.java:145)
at org.apache.hadoop.hdfs.tools.DFSck.run(DFSck.java:142)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:415)
at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInforma
tion.java:1628)
at org.apache.hadoop.hdfs.tools.DFSck.run(DFSck.java:141)
at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70)
at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:84)
at org.apache.hadoop.hdfs.tools.DFSck.main(DFSck.java:341)
Caused by: sun.security.validator.ValidatorException: No trusted certificate fou
nd
at sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValida
tor.java:384)
at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator
.java:134)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.j
ava:326)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerIm
pl.java:231)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustMan
agerImpl.java:107)
at org.apache.hadoop.security.ssl.ReloadingX509TrustManager.checkServerT
rusted(ReloadingX509TrustManager.java:129)
at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLCo
ntextImpl.java:813)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.
java:1323)
... 24 more
我已经从我的默认浏览器中导出证书并使用以下命令添加到密钥库中,但仍然面临同样的错误。
keytool -import -alias nncert -keystore c:\Java\jre\lib\security\cacerts -file nn.crt
帮我解决一下。
谢谢。
我已经按照 this link.
中的步骤解决了这个问题
导出证书后,它应该添加到 java 信任库 %JAVA_HOME%\jre\lib\security\cacerts 的默认位置,因为 fsck 命令使用 ssl 的默认位置。
希望这可能对某人有所帮助。
我在 windows 中配置了使用 kerberos 保护的 hadoop-2.6.0。一切正常。但是当我执行下面的命令时
hdfs fsck /
我遇到以下异常。
异常
> Connecting to namenode via https://hostname:50470 Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.val idator.ValidatorException: No trusted certificate found at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker. java:1341) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.jav a:153) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868) at sun.security.ssl.Handshaker.process_record(Handshaker.java:804) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl. java:1312) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339 ) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323 ) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java: 563) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect (AbstractDelegateHttpsURLConnection.java:185) at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLCon nectionImpl.java:153) at org.apache.hadoop.security.authentication.client.KerberosAuthenticato r.authenticate(KerberosAuthenticator.java:186) at org.apache.hadoop.security.authentication.client.AuthenticatedURL.ope nConnection(AuthenticatedURL.java:216) at org.apache.hadoop.hdfs.web.URLConnectionFactory.openConnection(URLCon nectionFactory.java:164) at org.apache.hadoop.hdfs.tools.DFSck.doWork(DFSck.java:303) at org.apache.hadoop.hdfs.tools.DFSck.access[=12=]0(DFSck.java:72) at org.apache.hadoop.hdfs.tools.DFSck.run(DFSck.java:145) at org.apache.hadoop.hdfs.tools.DFSck.run(DFSck.java:142) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAs(Subject.java:415) at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInforma tion.java:1628) at org.apache.hadoop.hdfs.tools.DFSck.run(DFSck.java:141) at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:70) at org.apache.hadoop.util.ToolRunner.run(ToolRunner.java:84) at org.apache.hadoop.hdfs.tools.DFSck.main(DFSck.java:341) Caused by: sun.security.validator.ValidatorException: No trusted certificate fou nd at sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValida tor.java:384) at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator .java:134) at sun.security.validator.Validator.validate(Validator.java:260) at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.j ava:326) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerIm pl.java:231) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustMan agerImpl.java:107) at org.apache.hadoop.security.ssl.ReloadingX509TrustManager.checkServerT rusted(ReloadingX509TrustManager.java:129) at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLCo ntextImpl.java:813) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker. java:1323) ... 24 more
我已经从我的默认浏览器中导出证书并使用以下命令添加到密钥库中,但仍然面临同样的错误。
keytool -import -alias nncert -keystore c:\Java\jre\lib\security\cacerts -file nn.crt
帮我解决一下。
谢谢。
我已经按照 this link.
中的步骤解决了这个问题导出证书后,它应该添加到 java 信任库 %JAVA_HOME%\jre\lib\security\cacerts 的默认位置,因为 fsck 命令使用 ssl 的默认位置。
希望这可能对某人有所帮助。