Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
Description
According to this: (https://knox.apache.org/books/knox-1-3-0/user-guide.html#Certificate+Export)
When we export a certificate using this command:
bin/knoxcli.sh export-cert [--type JKS|PEM|JCEKS|PKCS12] [–help]
The certificate should come with name: 'gateway-client-trust.<type>'.
This is working fine for formats JKS, JCEKS, PKCS12. But for PEM the certificate file name is "gateway-identity.pem"
Execution Sample:
[root@quasar-dwblwf-2 ~]# export KNOX_GATEWAY_CONF_DIR=/var/lib/knox/gateway/conf [root@quasar-dwblwf-2 ~]# export KNOX_GATEWAY_DATA_DIR=/var/lib/knox/gateway/data [root@quasar-dwblwf-2 ~]# /opt/cloudera/parcels/CDH/lib/knox/bin/knoxcli.sh export-cert --type JKS Certificate gateway-identity has been successfully exported to: /var/lib/knox/gateway/data/security/keystores/gateway-client-trust.jks [root@quasar-dwblwf-2 ~]# /opt/cloudera/parcels/CDH/lib/knox/bin/knoxcli.sh export-cert --type PKCS12 Certificate gateway-identity has been successfully exported to: /var/lib/knox/gateway/data/security/keystores/gateway-client-trust.pkcs12 [root@quasar-dwblwf-2 ~]# /opt/cloudera/parcels/CDH/lib/knox/bin/knoxcli.sh export-cert --type JCEKS Certificate gateway-identity has been successfully exported to: /var/lib/knox/gateway/data/security/keystores/gateway-client-trust.jceks [root@quasar-dwblwf-2 ~]# /opt/cloudera/parcels/CDH/lib/knox/bin/knoxcli.sh export-cert --type PEM Certificate gateway-identity has been successfully exported to: /var/lib/knox/gateway/data/security/keystores/gateway-identity.pem