Closed joechu1 closed 4 years ago
Fantastic work, @joechu1! I'll look this over and get it merged in. Thanks for your improvements here.
@joechu1 I pushed to your repo's branch. I updated the SSL directory and the readme accordingly. I also symlinked to the Presto CLI JAR file instead of creating an alias to it in the Presto Dockerfile, so now you can invoke the CLI from outside of the container without needing to point to the artifact, i.e.
docker exec -it presto presto-cli --execute "select 1"
will now work.
Ran into some issues when starting up Minipresto with the ldap security module:
/etc/pki/java/cacerts is still using default password
changeit
, but keytool is trying to add the certificate using the passwordprestoRocks15
Attempts to use original password
ldap
, but password was already changed toprestoRocks15
with the environment variable property LDAP_ADMIN_PASSWORD in the ldap.yml file.SSL certs only allows wildcards to the next-level sub-domain. Changing the CN to
*.minipresto.starburstdata.com
would work, but opted to add SANs instead to allow additional ways to connect to Presto.Changes were made to fix the above issues, to make the client keystore and truststore more accessible, and to update the README.