Help Center/ MapReduce Service/ Developer Guide (LTS)/ Manager Management Development Guide/ More Information/ FAQ/ JDK1.6 Fails to Connect to the FusionInsight System Using JDK1.8
Updated on 2022-07-11 GMT+08:00

JDK1.6 Fails to Connect to the FusionInsight System Using JDK1.8

Question

The MRS system uses JDK1.8 and supports TLSv1.2 and TLSv1.2. Some users can only use JDK1.6 to connect to the MRS system, and the connection fails.

Answer

Solution: Add an SSL of an earlier version.

  1. Add an SSL of an earlier version, for example, TLSv1, to the server.xml file in the ${BIGDATA_HOME}/om-server/tomcat/conf directory. In the file, there are two contexts to be modified.

    First context:
      <Connector port="20009" address="10.52.0.35" protocol="com.omm.huawei.tomcat.http11.Http11Protocol" SSLEnabled="true"         
                 maxHttpHeaderSize="8192" maxPostSize="10240"
                 maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
                 enableLookups="false" disableUploadTimeout="true"
                 acceptCount="100" scheme="https" secure="true"
                 clientAuth="false" sslProtocol="TLS"  sslEnabledProtocols = "TLSv1.1,TLSv1.2,TLSv1"
    Second context:
      <Connector port="28443" address="10.52.0.35" protocol="com.omm.huawei.tomcat.http11.Http11Protocol" SSLEnabled="true"
                 scheme="https"
                 secure="true"
                 maxThreads="500"
                 acceptCount="500"
                 connectionTimeout="20000"
                 maxPostSize="10240"
                 clientAuth="false"
                 allowTrace="false"
                 sslProtocol="TLS" sslEnabledProtocols = "TLSv1.1,TLSv1.2,TLSv1"

  2. Set the userTLSVersion parameter in the main method of the commissioning source file to be the same as that added in the server.xml file, for example, TLSv1.

       String webUrl = resourceBundle .getString("webUrl"); 
                LOG .info("The webUrl is:{}",webUrl); 
                if(password == null || password .isEmpty()) 
                { 
                    LOG .error("The password is empty."); 
                } 
                //userTLSVersion is mandatory, which is an important parameter used for connecting the JDK1.6 server and the JDK1.8 server. If the JDK1.8 server is used, set this parameter to a null character string. 
                String userTLSVersion = "TLSv1" ; 
                //Invoke the firstAccess interface to perform the login authentication. 
                LOG .info("Begin to get httpclient and access."); 
                BasicAuthAccess authAccess = new BasicAuthAccess(); 
                HttpClient httpclient = authAccess .firstAccess(webUrl , userName , password , userTLSVersion);

  3. The other steps are the same as those for the JDK1.8 server. For details, see Example Code Description.

    This solution can resolve the connection problem. However, the SSL of earlier versions may cause security risks to the system. Remind users to use JDK1.8.