Cloudera Docs

Troubleshooting the certification update process

In case any error occurs during the execution of the cert_refresh.sh script, you can use the following actions to troubleshoot the certification update.

You can view the logs of the execution script at /var/log/ccmv2_cert_refresh.log.

Restoring certificates from backup

  1. Access the cluster node using SSH.
  2. List the available backups:
    ./cert_refresh.sh list-backups
  3. Restore a specific backup:
    cp /etc/jumpgate/backup/config.toml.backup.YYYYMMDD_HHMMSS /etc/jumpgate/config.toml
chown root:jumpgate /etc/jumpgate/config.toml
chmod 640 /etc/jumpgate/config.toml
systemctl restart jumpgate-agent.service

Manual Certificate Update

  1. Backup the current configuration file:
    cp /etc/jumpgate/config.toml /etc/jumpgate/config.toml.backup.manual
  2. Edit the configuration file:
    nano /etc/jumpgate/config.toml
  3. Update relayServerCertificate field:
    # relayServerCertificate = """
# [***PASTE THE CERTIFICATION CONTENT HERE***]
# """
  4. Restart the service:
    systemctl restart jumpgate-agent.service
  5. Verify the service status:
    systemctl status jumpgate-agent.service
#OR
jumpgate-agent status