Secure hdfs setup not idempotent due to incorrect keystore path

Open cartershanklin opened this issue 10 years ago • 0 comments

[root@nn ssl-ca]# keytool -list -alias horton-ca -keystore /usr/java/default/jre/lib/security/cacerts -storepass changeit keytool error: java.lang.Exception: Alias does not exist [root@nn ssl-ca]# keytool -importcert -noprompt -alias horton-ca -keystore /usr/lib/jvm/java/jre/lib/security/cacerts -storepass changeit keytool error: java.lang.Exception: Certificate not imported, alias already exists

Correct path is /etc/pki/java/cacerts

Note that

[root@nn ssl-ca]# ls -l /usr/lib/jvm/java/jre/lib/security/ total 40 lrwxrwxrwx 1 root root 41 Sep 10 02:28 cacerts -> ../../../../../../../etc/pki/java/cacerts

Sep 10 '15 11:09 cartershanklin