knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lmc...@apache.org
Subject svn commit: r1542408 - in /incubator/knox: site/books/knox-incubating-0-3-0/knox-incubating-0-3-0.html trunk/books/0.3.0/book_troubleshooting.md
Date Fri, 15 Nov 2013 21:45:19 GMT
Author: lmccay
Date: Fri Nov 15 21:45:19 2013
New Revision: 1542408

URL: http://svn.apache.org/r1542408
Log:
troubleshooting updates - fixed SSL certificate issues formatting

Modified:
    incubator/knox/site/books/knox-incubating-0-3-0/knox-incubating-0-3-0.html
    incubator/knox/trunk/books/0.3.0/book_troubleshooting.md

Modified: incubator/knox/site/books/knox-incubating-0-3-0/knox-incubating-0-3-0.html
URL: http://svn.apache.org/viewvc/incubator/knox/site/books/knox-incubating-0-3-0/knox-incubating-0-3-0.html?rev=1542408&r1=1542407&r2=1542408&view=diff
==============================================================================
--- incubator/knox/site/books/knox-incubating-0-3-0/knox-incubating-0-3-0.html (original)
+++ incubator/knox/site/books/knox-incubating-0-3-0/knox-incubating-0-3-0.html Fri Nov 15
21:45:19 2013
@@ -2305,8 +2305,17 @@ WWW-Authenticate: BASIC realm="appl
 Content-Length: 0
 Server: Jetty(8.1.12.v20130726)
 </code></pre><h3><a id="Hostname+Resolution+Issues"></a>Hostname
Resolution Issues</h3><p>TODO:Kevin - What does it look like when host mapping
is enabled and shouldn&rsquo;t be or vice versa.</p><h3><a id="Job+Submission+Issues+-+HDFS+Home+Directories"></a>Job
Submission Issues - HDFS Home Directories</h3><p>TODO:Dilli - What does it look
like if the LDAP authenticated user doesn&rsquo;t have a HDFS home directory and submits
a job.</p><h3><a id="Job+Submission+Issues+-+OS+Accounts"></a>Job
Submission Issues - OS Accounts</h3><p>TODO:Dilli - What does it look like if
the LDAP authenticated user submits a job but doesn&rsquo;t have an OS account.</p><h3><a
id="HBase+Issues"></a>HBase Issues</h3><p>TODO:Kevin - What does it look
like when HBase/Stargate hangs and how do you fix it.</p><h3><a id="SSL+Certificate+Issues"></a>SSL
Certificate Issues</h3><p>Clients that do not trust the certificate presented
by the server will behave in different ways. A browser will typically warn you of
  the inability to trust the receieved certificate and give you an opportunity to add an exception
for the particular certificate. Curl will present you with the follow message and instructions
for turning of certificate verification:</p>
-<pre><code>curl performs SSL certificate verification by default, using a &quot;bundle&quot;
-</code></pre><p> of Certificate Authority (CA) public keys (CA certs).
If the default  bundle file isn&rsquo;t adequate, you can specify an alternate file  using
the &ndash;cacert option.  If this HTTPS server uses a certificate signed by a CA represented
in  the bundle, the certificate verification probably failed due to a  problem with the certificate
(it might be expired, or the name might  not match the domain name in the URL).  If you&rsquo;d
like to turn off curl&rsquo;s verification of the certificate, use  the -k (or &ndash;insecure)
option.</p><h3><a id="Filing+Bugs"></a>Filing Bugs</h3><p>Bugs
can be filed using <a href="https://issues.apache.org/jira/browse/KNOX">Jira</a>.
Please include the results of this command below in the Environment section. Also include
the version of Hadoop being used in the same section.</p>
+<pre><code>curl performs SSL certificate verification by default, using a &quot;bundle&quot;

+ of Certificate Authority (CA) public keys (CA certs). If the default
+ bundle file isn&#39;t adequate, you can specify an alternate file
+ using the --cacert option.
+If this HTTPS server uses a certificate signed by a CA represented 
+ the bundle, the certificate verification probably failed due to a
+ problem with the certificate (it might be expired, or the name might
+ not match the domain name in the URL).
+If you&#39;d like to turn off curl&#39;s verification of the certificate, use
+ the -k (or --insecure) option.
+</code></pre><h3><a id="Filing+Bugs"></a>Filing Bugs</h3><p>Bugs
can be filed using <a href="https://issues.apache.org/jira/browse/KNOX">Jira</a>.
Please include the results of this command below in the Environment section. Also include
the version of Hadoop being used in the same section.</p>
 <pre><code>cd {GATEWAY_HOME}
 java -jar bin/gateway.jar -version
 </code></pre><h2><a id="Export+Controls"></a>Export Controls</h2><p>Apache
Knox Gateway includes cryptographic software. The country in which you currently reside may
have restrictions on the import, possession, use, and/or re-export to another country, of
encryption software. BEFORE using any encryption software, please check your country&rsquo;s
laws, regulations and policies concerning the import, possession, or use, and re-export of
encryption software, to see if this is permitted. See <a href="http://www.wassenaar.org">http://www.wassenaar.org</a>
for more information.</p><p>The U.S. Government Department of Commerce, Bureau
of Industry and Security (BIS), has classified this software as Export Commodity Control Number
(ECCN) 5D002.C.1, which includes information security software using or performing cryptographic
functions with asymmetric algorithms. The form and manner of this Apache Software Foundation
distribution makes it eligible for export under the License Exception ENC
  Technology Software Unrestricted (TSU) exception (see the BIS Export Administration Regulations,
Section 740.13) for both object code and source code.</p><p>The following provides
more details on the included cryptographic software:</p>

Modified: incubator/knox/trunk/books/0.3.0/book_troubleshooting.md
URL: http://svn.apache.org/viewvc/incubator/knox/trunk/books/0.3.0/book_troubleshooting.md?rev=1542408&r1=1542407&r2=1542408&view=diff
==============================================================================
--- incubator/knox/trunk/books/0.3.0/book_troubleshooting.md (original)
+++ incubator/knox/trunk/books/0.3.0/book_troubleshooting.md Fri Nov 15 21:45:19 2013
@@ -142,16 +142,16 @@ TODO:Kevin - What does it look like when
 ### SSL Certificate Issues ###
 Clients that do not trust the certificate presented by the server will behave in different
ways. A browser will typically warn you of the inability to trust the receieved certificate
and give you an opportunity to add an exception for the particular certificate. Curl will
present you with the follow message and instructions for turning of certificate verification:
 
-	curl performs SSL certificate verification by default, using a "bundle"
- 	 of Certificate Authority (CA) public keys (CA certs). If the default
- 	 bundle file isn't adequate, you can specify an alternate file
- 	 using the --cacert option.
-	If this HTTPS server uses a certificate signed by a CA represented in
- 	 the bundle, the certificate verification probably failed due to a
- 	 problem with the certificate (it might be expired, or the name might
- 	 not match the domain name in the URL).
+	curl performs SSL certificate verification by default, using a "bundle" 
+	 of Certificate Authority (CA) public keys (CA certs). If the default
+	 bundle file isn't adequate, you can specify an alternate file
+	 using the --cacert option.
+	If this HTTPS server uses a certificate signed by a CA represented 
+	 the bundle, the certificate verification probably failed due to a
+	 problem with the certificate (it might be expired, or the name might
+	 not match the domain name in the URL).
 	If you'd like to turn off curl's verification of the certificate, use
- 	 the -k (or --insecure) option.
+	 the -k (or --insecure) option.
 
 
 ### Filing Bugs ###



Mime
View raw message