(ranger) branch master updated: RANGER-5199 : Connection to Ranger KMS DB fails with secure MySQL/maria DB (#562)

[dhavalshah9131]

This is an automated email from the ASF dual-hosted git repository.

dhavalshah9131 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git


The following commit(s) were added to refs/heads/master by this push:
     new a82ec7b49 RANGER-5199 : Connection to Ranger KMS DB fails with secure 
MySQL/maria DB (#562)
a82ec7b49 is described below

commit a82ec7b49d8f5b590fbd8a84e55a213b8cba6047
Author: dhavalshah9131 <35031652+dhavalshah9...@users.noreply.github.com>
AuthorDate: Mon May 12 14:10:04 2025 +0530

    RANGER-5199 : Connection to Ranger KMS DB fails with secure MySQL/maria DB 
(#562)
---
 .../java/org/apache/hadoop/crypto/key/RangerKMSDB.java   | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKMSDB.java 
b/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKMSDB.java
index 54aa97107..7fa19e723 100755
--- a/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKMSDB.java
+++ b/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKMSDB.java
@@ -162,7 +162,8 @@ private int getDBFlavor(Configuration newConfig) {
     private void updateDBSSLURL() {
         if (conf != null && conf.get(PROPERTY_PREFIX + DB_SSL_ENABLED) != 
null) {
             final String dbSslEnabled = normalize(conf.get(PROPERTY_PREFIX + 
DB_SSL_ENABLED));
-
+            String rangerJpaJdbcUrl = conf.get(PROPERTY_PREFIX + DB_URL);
+            int dbFlavor = getDBFlavor(conf);
             if ("true".equalsIgnoreCase(dbSslEnabled)) {
                 final String dbSslRequired                = 
normalize(conf.get(PROPERTY_PREFIX + DB_SSL_REQUIRED));
                 final String dbSslVerifyServerCertificate = 
normalize(conf.get(PROPERTY_PREFIX + DB_SSL_VerifyServerCertificate));
@@ -173,13 +174,9 @@ private void updateDBSSLURL() {
                 conf.set(PROPERTY_PREFIX + DB_SSL_VerifyServerCertificate, 
dbSslVerifyServerCertificate);
                 conf.set(PROPERTY_PREFIX + DB_SSL_AUTH_TYPE, dbSslAuthType);
 
-                String rangerJpaJdbcUrl = conf.get(PROPERTY_PREFIX + DB_URL);
-
                 if (StringUtils.isNotEmpty(rangerJpaJdbcUrl) && 
!rangerJpaJdbcUrl.contains("?")) {
                     StringBuilder rangerJpaJdbcUrlSsl = new 
StringBuilder(rangerJpaJdbcUrl);
 
-                    int dbFlavor = getDBFlavor(conf);
-
                     if (dbFlavor == DB_FLAVOR_MYSQL) {
                         
rangerJpaJdbcUrlSsl.append("?useSSL=").append(dbSslEnabled)
                                 .append("&requireSSL=").append(dbSslRequired)
@@ -244,6 +241,15 @@ private void updateDBSSLURL() {
                         logger.debug("truststore property '{}' value not 
found!", PROPERTY_PREFIX + DB_SSL_TRUSTSTORE);
                     }
                 }
+            } else {
+                if(dbFlavor == DB_FLAVOR_MYSQL){
+                   if(StringUtils.isNotEmpty(rangerJpaJdbcUrl) && 
!rangerJpaJdbcUrl.contains("?")) {
+                       rangerJpaJdbcUrl = rangerJpaJdbcUrl + "?useSSL=" + 
dbSslEnabled;
+                       conf.set(PROPERTY_PREFIX + DB_URL, rangerJpaJdbcUrl);
+                        jpaProperties.put(JPA_DB_URL, conf.get(PROPERTY_PREFIX 
+ DB_URL));
+                   }
+                }
+                
logger.info(PROPERTY_PREFIX+DB_URL+"="+conf.get(PROPERTY_PREFIX + DB_URL));
             }
         }
     }