ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pradeep Agrawal (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (RANGER-1288) Add SSL enabled MySQL support in Ranger Admin
Date Tue, 03 Jan 2017 12:43:58 GMT

     [ https://issues.apache.org/jira/browse/RANGER-1288?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Pradeep Agrawal updated RANGER-1288:
------------------------------------
    Attachment: RANGER-1288-1.patch

> Add SSL enabled MySQL support in Ranger Admin
> ---------------------------------------------
>
>                 Key: RANGER-1288
>                 URL: https://issues.apache.org/jira/browse/RANGER-1288
>             Project: Ranger
>          Issue Type: Improvement
>          Components: Ranger
>    Affects Versions: 0.7.0
>            Reporter: Pradeep Agrawal
>            Assignee: Pradeep Agrawal
>         Attachments: RANGER-1288-1.patch
>
>
> *Problem Statement :* Ranger can not communicate to ssl enabled MySQL server
> *Associated error message :* Ranger DB script fails to communicate with the DB with sql
AccessContronlException.
> *Proposed Solution :* JDBC connection string could be : "jdbc:mysql://127.0.0.1:3306/ranger?verifyServerCertificate=false&useSSL=true&requireSSL=true".
> The 'useSSL=true' property is added to the JDBC URL to attempt to communicate via SSL.

> The 'verifyServerCerticate=false' property is set to bypass certificate validation.
> The 'requireSSL=true' property is set to refuse to connect if the MySQL server does not
support SSL. If user want to connect using truststore then he can configure truststore files(certificate
information for the mysql server and client both). 
> Ranger application and jisql utility should know from where to pick the certificates
which can be set in System properties like this :
> -Djavax.net.ssl.keyStore=path_to_keystore_file
> -Djavax.net.ssl.keyStorePassword=password
> -Djavax.net.ssl.trustStore=path_to_truststore_file
> -Djavax.net.ssl.trustStorePassword=password



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message