You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Im trying to secure our installation with HTTPS certificate and internal TLS so that i can use LDAP for authentication. However i run into the below error. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
This occurs when i connect via 'https://internal-fqdn'. Our organization has a wildcard certificate issued by GoDaddy and that has been added to the cluster in the form of a secret. Then this certificate is terminated on the ingress with the backend protocol set to HTTPS.
If i visit the site via a web browser the site says there is a certificate and that it is valid. However if i connect via the Trino.jar application with the command ./trino.jar https://internal-fqdn and then run show catalogs; the error appears. Remove the TLS and connect via http and this error does not occur. any suggestions?
For context too i have the following configuration in our helm values file as well additionalConfigProperties: [ #To allow the certificate to be terminated at the ingress http-server.process-forwarded=true, #This is required for the nodes and coordiantor to encypt traffic between each other internal-communication.shared-secret={redacted secret phrase}, internal-communication.https.required=true, #Not needed according to https://trino.io/docs/current/security/tls.html#https-secure-directly:~:text=This%20is%20why%20you%20do%20not%20need%20to%20configure%20http%2Dserver.https.enabled%3Dtrue #http-server.https.enabled=true, #http-server.https.port=8443 ]
The text was updated successfully, but these errors were encountered:
@adityatanwar03 Unfortunately i have not yet. I've been held up with other projects and sidelined this, but will need to look again over the next week or so. After some talks in the slack community i believe it could be related to the keystore, however i haven't seen much documentation around how thats supposed to be setup for the chart so i haven't changed it from default. Could be my issue, so ill be starting there? But open to suggestions.
Well i tried setting this up with a keystore as well but seem to get stuck with the same error as you are getting , funny thing that i am still able to choose schemas but not able to see tables then this error message pops up. Let me know whenever you start working on it @EvodiDunn
Hey,
Im trying to secure our installation with HTTPS certificate and internal TLS so that i can use LDAP for authentication. However i run into the below error.
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
This occurs when i connect via 'https://internal-fqdn'. Our organization has a wildcard certificate issued by GoDaddy and that has been added to the cluster in the form of a secret. Then this certificate is terminated on the ingress with the backend protocol set to HTTPS.
If i visit the site via a web browser the site says there is a certificate and that it is valid. However if i connect via the Trino.jar application with the command
./trino.jar https://internal-fqdn
and then runshow catalogs;
the error appears. Remove the TLS and connect via http and this error does not occur. any suggestions?For context too i have the following configuration in our helm values file as well
additionalConfigProperties:
[
#To allow the certificate to be terminated at the ingress
http-server.process-forwarded=true,
#This is required for the nodes and coordiantor to encypt traffic between each other
internal-communication.shared-secret={redacted secret phrase},
internal-communication.https.required=true,
#Not needed according to https://trino.io/docs/current/security/tls.html#https-secure-directly:~:text=This%20is%20why%20you%20do%20not%20need%20to%20configure%20http%2Dserver.https.enabled%3Dtrue
#http-server.https.enabled=true,
#http-server.https.port=8443
]
The text was updated successfully, but these errors were encountered: