错误:Peer's certificate issuer has been marked as not trusted by the user
来源:互联网 发布:北京seo 编辑:程序博客网 时间:2024/05/17 08:12
Ambari开启了ssl,根据日志,访问如下两个网址报错:
https://c2bde03:50470/jmx
https://c2bde03:50470/jmx?get=Hadoop:service=NameNode,name=FSNamesystem::tag.HAState
但通过如下操作可以正常访问:
curl https://c2bde03:50470/jmx --cacert /etc/security/ca-cert
此种情况多发生在自签名的证书,报错含义是签发证书机构未经认证,无法识别。
解决办法是将签发该证书的私有CA公钥cacert.pem文件内容(本人生成的是ca-cert),追加到 /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
解决办法(将证书追加):
cd /etc/pki/ca-trust/extracted/pem/
cp tls-ca-bundle.pem tls-ca-bundle.pem.bak (先备份)
cat /etc/security/ca-cert >> tls-ca-bundle.pem
curl https://c2bde03:50470/jmx(访问正常)
另外注意个人创建CA的DN为:/C=cn/ST=changsha/L=hunan/O=chinacreator/OU=chinacreator/CN=AmbariCA
节点提供的DN:/C=cn/ST=changsha/L=hunan/O=chinacreator/OU=chinacreator/CN=c2bde02,
即CA DN 与certificate DN一定要不一样,否则会报:PEER'S CERTIFICATE HAS AN INVALID SIGNATURE.错误
- 错误:Peer's certificate issuer has been marked as not trusted by the user
- Peer's certificate issuer has been marked as not trusted by the user
- svnsync: E230001: Server certificate verification failed issuer is not trusted
- The key you are authenticating with has been marked as read only的解决方法
- zend studio 5.5 subversion :Server certificate verification failed: issuer is not trusted
- jenkin中svn连接问题:HoServer certificate verification failed: issuer is not trusted
- 解决错误“Logon Failure: The User Has Not Been Granted The Requested Logon Type At This Computer”
- Transaction has been rolled back because it has been marked as rollback
- Transaction has been rolled back because it has been marked as rollback .
- The file has not been pre-compiled错误
- 出现javax.net.ssl.SSLException: Not trusted server certificate错误
- Github git clone error: Peer's Certificate has expired
- Get-ACMECertificate : Issuer certificate hasn't been resolved.windows let's Encrypt gen cert for iis
- iOS This certificate has an invalid issuer
- This certificate has an invalid issuer
- This certificate has an invalid issuer
- SSL 错误:Key usage violation in certificate has been detected.
- JAVA刚碰见的问题( java.lang.SecurityException: The jurisdiction policy files are not signed by a trusted s
- MySQL IFNULL()函数的用法
- 链表问题——删除链表的中间节点和a/b处的节点
- iptables nat及端口映射 【转】
- Camera原理
- 【队内胡策 11.3】 T1 T2
- 错误:Peer's certificate issuer has been marked as not trusted by the user
- TextToSpeech的使用
- 安装ftp服务器
- 对比数据库和DBF文件中的列名
- eclipse把项目发布到GitHub。操作笔记,自己备用
- POJ 3580. SuperMemo
- Oracle正则表达式中文标点符号的问题
- "undefined reference to" 问题解决方法
- Kafka分区分配策略(Partition Assignment Strategy)