Error:"Java patch PatchPasswordEncryption_J10001 is being applied by some other process" when starting Ranger Admin
SupportKB
Problem Description:
When starting Ranger admin, it fails to start up with the following error:
- [I] Java patch PatchPasswordEncryption_J10001 is being applied by some other process
The Ranger Admin service fails to start even after completely removing Ranger service, dropping Ranger database and reinstalling Ranger:
- 2017-10-20 13:29:32,536 [JISQL] /usr/java/default/bin/java
- -cp /usr/hdp/current/ranger-admin/ews/lib/mysql-connector-java.jar:
- /usr/hdp/current/ranger-admin/jisql/lib/*
- org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql:
- //ost-cdc-asi-nam-c04-data.linux.abc.corp.abc.com/ranger_hdp -u
- 'ranger-hdp' -p '********'
- -noheader -trim -c \; -query "delete from x_db_version_h where version='J10001' and
- active='N' and updated_by='test.support.com';"
- SQLException : SQL state: HY000 java.sql.SQLException: null, message from server:
- "Host '10.0.0.1' is blocked because of many connection errors; unblock with
- 'mysqladmin flush-hosts'" ErrorCode: 1129
- 2017-10-20 13:29:32,838 [E] applying java patch PatchPasswordEncryption_J10001 failed
Cause:
This issue occurs on latest versions of CentOS/RHEL releases (for example CentOS/RHEL 6.7 or later, and CentOS/RHEL 7), where "Encrypted Connections" (SSL) feature is enabled by default in MySQL. If the database client (Ranger in this case) is not configured to use SSL, the connection will fail and the following is displayedin the log as well:
- WARN: Establishing SSL connection without server's identity verification is not recommended.
- According to MySQL 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established by default
- if explicit option isn't set.
- For compliance with existing applications not using SSL the verifyServerCertificate property
- is set to 'false'.
- You need either to explicitly disable SSL by setting useSSL=false, or set useSSL=true and provide truststore for server certificate verification.
The database client will keep connecting until it reaches the limit of MySQL's crude anti-cybercriminal feature. If MySQL's crude anti-cybercriminal feature has been activated, when a database client has tried and failed to connect MySQL for many times (by default, 100) the MySQL concludes that the machine is compromised and refuses to accept any more connections from it. That's when Ranger admin fails with the "blocked because of many connection error".
Solution:
To resolve this issue, disable the Encrypted Connections (SSL) feature in MySQL by adding skip_ssl in my.cnf and restart mysqld service:
- Log in to MySQL and query:
- mysql> SHOW VARIABLES LIKE '%ssl%';
- The following should be like the following, which suggests the SSL is enabled in MySQL:
- +---------------+-----------------+ | Variable_name | Value |
- "+---------------+-----------------+ | have_openssl | YES | |
- have_ssl | YES | | ssl_ca | ca.pem | | ssl_capath | | | ssl_cert |
- server-cert.pem | | ssl_cipher | | | ssl_crl | | | ssl_crlpath | | |
- ssl_key | server-key.pem | +---------------+-----------------+ 9 rows in set (0.00 sec)
- Edit my.cnf file to add skip_ssl:
- [mysqld]
- ...
- skip_ssl
- # disable_ssl
- ...
- Restart MySQL service:
- service mysql restart
- Re-log in to MySQL and run the same query. Ensure SSL is disabled:
- +---------------+----------+
- | Variable_name | Value |
- +---------------+----------+
- | have_openssl | DISABLED |
- | have_ssl | DISABLED |
- | ssl_ca | |
- | ssl_capath | |
- | ssl_cert | |
- | ssl_cipher | |
- | ssl_crl | |
- | ssl_crlpath | |
- | ssl_key | |
- +---------------+----------+
- 9 rows in set (0.00 sec)
- Restart Ranger admin service.
About:
This article created by Hortonworks Support (Article: 000006653) on 2017-11-03 14:00
OS: n/a
Type: n/a
Version: n/a
Error:"Java patch PatchPasswordEncryption_J10001 is being applied by some other process" when starting Ranger Admin的更多相关文章
- idea报错:error java compilation failed internal java compiler error
idea下面报如下问题 error java compilation failed internal java compiler error 解决办法:Setting->Compiler-> ...
- idea Error:java: Compilation failed: internal java compiler error
idea 遇到Error:java: Compilation failed: internal java compiler error 是提示说你当前使用的编译器jdk版本不对. 按住Ctrl+Alt ...
- com.sun.xml.internal.ws.server.ServerRtException: Server Runtime Error: java.net.BindException: Cannot assign requested address: bind
在发布 web service 时报错: Endpoint.publish(publishAddress, hl7MessageReveiver); com.sun.xml.internal.ws.s ...
- Error:java:Compilation failed: internal java compiler error
在IDEA中编译时出现这个错误:Error:java:Compilation failed: internal java compiler error! Information:Using javac ...
- IDEA Error:java: 未结束的字符串文字
首页 > 编程交流 > 基础篇 > IDEA Error:java: 未结束的字符串文字 201601-25 IDEA Error:java: 未结束的字符串文字 IDEA开发, ...
- android studio Error:java.lang.OutOfMemoryError: GC overhead limit exceeded
android studio Error:java.lang.OutOfMemoryError: GC overhead limit exceeded 在app下的build.gradle中找到and ...
- hive脚本出现Error: java.lang.RuntimeException: Error in configuring object和Caused by: java.lang.IndexOutOfBoundsException: Index: 9, Size: 9
是在reduce阶段报的错误,详细错误信息是 朱传豪 19:04:48 Diagnostic Messages for this Task: Error: java.lang.RuntimeExcep ...
- 【Xamarin报错】 COMPILETODALVIK : UNEXPECTED TOP-LEVEL error java.lang.OutOfMemoryError: Java heap space
Xamarin Android 编译报错: COMPILETODALVIK : UNEXPECTED TOP-LEVEL error java.lang.OutOfMemoryError: Java ...
- hive分区导致FAILED: Hive Internal Error: java.lang.NullPointerException(null)
写了一条hive sql ,其中条件中存在 dt>=20150101 and dt<=20150228 这样的条件,原来执行没问题,今天就抛出 FAILED: Hive Internal ...
随机推荐
- SSM-SpringMVC-19:SpringMVC中请求和响应的乱码解决
------------吾亦无他,唯手熟尔,谦卑若愚,好学若饥------------- 配置一道拦截器即可解决乱码 配置方式如下: 在web.xml中: <!--过滤器处理乱码--> ...
- C#温故而知新系列 -- 闭包
闭包的由来 要说闭包的由来就不得不先说下函数式编程了.近几年函数式编程也是比较火热,我们先来看看函数式编程的一些基本的特性这个有助于我们理解闭包的由来. 函数式编程 函数式编程是一种编程模型,他将计算 ...
- Jmeter4.0分布式测试时启动Jmeter.server时报错
最近又开始研究Jmeter,将新版本4.0下载下来体验,准备远程分布式测试,又出现一些问题,废话不多说,直入主题把! Windows 系统启动Jmeter 4.0的JmeterServer.ba ...
- Ubuntu安装和卸载.bundle格式的VMware
本文由荒原之梦原创,原文链接:http://zhaokaifeng.com/?p=628 前言: 本文中用于演示的.bundle文件是VMware-Workstation-Full-14.1.1-75 ...
- 三. 200多万元得到的创业教训--创业并不需要app
摘要:有个点子,研发app或网站,推广,不断改进,探索盈利模式.这个通用的移动互联网创业流程.但我认为,在某些特定的商业模式下,"研发app或网站"这步可以砍掉或推迟. 健生干货分 ...
- driver匹配元素定位用法大全
# -*- coding:utf-8 -*- from selenium import webdriver from selenium.webdriver.common.by import By fr ...
- Nordic nRF51/nRF52开发流程说明
Nordic nRF51系列包括nRF51822/nRF51422/nRF51802等芯片,nRF52系列包括nRF52832/nRF52840/nRF52810等芯片,硬件工程师可以按照如下流程去评 ...
- bzoj5249 [2018多省省队联测]IIIDX
转化一下问题变成给定一棵树,一个序列,求父亲的权值小于子树的最大方案. 直接贪心会在有重复权值时出现错误,我们考虑用线段树优化贪心. 将序列从小到大排序,线段树上每个点记录他和他右边当前还可用的权值, ...
- AngularJs 服务 广播
1, angularJs的服务有provider,Service, Factory. Factory是对Service的封装,Service是对Provider的封装. Provide的源码如下: f ...
- monkey----log分析要求
对monkey测试过程中生成的XXX.log文件中进行关键字的查找.主要查找讯息如下: (1) anr项:即无响应,一般形式为ANR in org.codeaurora.bluetooth: (2)c ...