After BDA Expansion with self-signed Certificates BDR Jobs Fail with "sun.security.validator.ValidatorException: No trusted certificate found"
(Doc ID 2737561.1)
Last updated on APRIL 17, 2023
Applies to:
Big Data Appliance Integrated Software - Version 4.13.0 and laterLinux x86-64
Symptoms
After BDA expansion with self-signed certificates BDR jobs fail with the symptoms below:
1. Post expansion BDR jobs, where the source is the cluster just expanded, start to fail with:
Production https://<HOSTNAME3>.<DOMAIN>:7183 Unknown exception of type javax.ws.rs.client.ClientException while connecting to https://<HOSTANAME3>.<DOMAIN>:7183
2. On the source cluster, /var/log/cloudera-scm-server/cloudera-scm-server.log shows:
javax.ws.rs.client.ClientException: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://<HOSTNAME3>.<DOMAIN>:7183/api/v1/tools/echo?message=<MESSAGE>: sun.security.validator.ValidatorException: No trusted certificate found
...
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found
3. Checking the affected host on the source cluster, shows that the truststore, /opt/cloudera/security/jks/<CLUSTER_NAME>.truststore,
does not contain a certificate entry for the target cluster.
a) For example checking as below indicates no certificate for the target cluster is present:
b) This certificate for the target cluster is present in the backup of the trustsore created prior to expansion.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Cause |
| Solution |
| References |