Hi Rafa, following are the checksum failed exception with additional logs gathered in query server side. ... 19 more Caused by: java.security.GeneralSecurityException: Checksum failed at sun.security.krb5.internal.crypto.dk.ArcFourCrypto.decrypt(ArcFourCry pto.java:408) at sun.security.krb5.internal.crypto.ArcFourHmac.decrypt(ArcFourHmac.jav a:91) at sun.security.krb5.internal.crypto.ArcFourHmacEType.decrypt(ArcFourHma cEType.java:100) ... 25 more 17/10/19 05:42:10 DEBUG server.AvaticaJsonHandler: HTTP request from 172.0.0.4 i s unauthenticated and authentication is required 17/10/19 05:42:10 DEBUG server.HttpConnection: org.apache.phoenix.shaded.org.ecl ipse.jetty.server.HttpConnection$SendCallback@5891b2c8 [PROCESSING][i=ResponseInf o{HTTP/1.1 404 null,278,false},cb= org.apache.phoenix.shaded.org.eclipse.jetty.se rver.HttpChannel$CommitCallback@76bf3474] generate: NEED_HEADER (null,[p=0,l=278 ,c=2048,r=278],true)@START 17/10/19 05:42:10 DEBUG server.HttpConnection: org.apache.phoenix.shaded.org.ecl ipse.jetty.server.HttpConnection$SendCallback@5891b2c8 [PROCESSING][i=ResponseInf o{HTTP/1.1 404 null,278,false},cb= org.apache.phoenix.shaded.org.eclipse.jetty.se rver.HttpChannel$CommitCallback@76bf3474] generate: FLUSH ([p=0,l=210,c=8192,r=2 10],[p=0,l=278,c=2048,r=278],true)@COMPLETING 17/10/19 05:42:10 DEBUG io.WriteFlusher: write: WriteFlusher@3d86d805{IDLE} [Hea pByteBuffer@58e0ca22[p=0,l=210,c=8192,r=210]={<<>>erver: Jetty(9.2....\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\ x00\x00\x00},HeapByteBuffer@30ce894 [p=0,l=278,c=2048,r=278]={<<<\n\n \n\n>>>\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x 00\x00\x00\x00...\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00}] 17/10/19 05:42:10 DEBUG io.WriteFlusher: update WriteFlusher@3d86d805 {WRITING}:I DLE-->WRITING Regards, Mallieswari D On Thu, Oct 12, 2017 at 11:00 AM, Mallieswari Dineshbabu < dmallieswari@gmail.com> wrote: > Hi Rafa, > > As per your concerns, I have updated the JCE policy and tested now getting > "Checksum Failed" Exception. Please find the error below. > > > > GSSException: Failure unspecified at GSS-API level (Mechanism level: *Checksum > fa* > > *iled*) > > at sun.security.jgss.krb5.Krb5Context.acceptSecContext( > Krb5Context.java: > > 788) > > at sun.security.jgss.GSSContextImpl.acceptSecContext( > GSSContextImpl.java > > :342) > > at sun.security.jgss.GSSContextImpl.acceptSecContext( > GSSContextImpl.java > > :285) > > at sun.security.jgss.spnego.SpNegoContext.GSS_ > acceptSecContext(SpNegoCon > > text.java:871) > > at sun.security.jgss.spnego.SpNegoContext. > acceptSecContext(SpNegoContext > > .java:544) > > at sun.security.jgss.GSSContextImpl.acceptSecContext( > GSSContextImpl.java > > :342) > > at sun.security.jgss.GSSContextImpl.acceptSecContext( > GSSContextImpl.java > > :285) > > at org.apache.phoenix.shaded.org.eclipse.jetty.security. > SpnegoLoginServi > > ce.login(SpnegoLoginService.java:137) > > at org.apache.phoenix.shaded.org.eclipse.jetty.security. > authentication.L > > oginAuthenticator.login(LoginAuthenticator.java:61) > > at org.apache.phoenix.shaded.org.eclipse.jetty.security. > authentication.S > > pnegoAuthenticator.validateRequest(SpnegoAuthenticator.java:99) > > at org.apache.phoenix.shaded.org.eclipse.jetty.security. > SecurityHandler. > > handle(SecurityHandler.java:512) > > at org.apache.phoenix.shaded.org.eclipse.jetty.server.handler. > HandlerLis > > t.handle(HandlerList.java:52) > > at org.apache.phoenix.shaded.org.eclipse.jetty.server.handler. > HandlerWra > > pper.handle(HandlerWrapper.java:97) > > at org.apache.phoenix.shaded.org.eclipse.jetty.server.Server. > handle(Serv > > er.java:499) > > at org.apache.phoenix.shaded.org.eclipse.jetty.server. > HttpChannel.handle > > (HttpChannel.java:311) > > at org.apache.phoenix.shaded.org.eclipse.jetty.server. > HttpConnection.onF > > illable(HttpConnection.java:257) > > at org.apache.phoenix.shaded.org.eclipse.jetty.io. > AbstractConnection$2.r > > un(AbstractConnection.java:544) > > at org.apache.phoenix.shaded.org.eclipse.jetty.util.thread. > QueuedThreadP > > ool.runJob(QueuedThreadPool.java:635) > > at org.apache.phoenix.shaded.org.eclipse.jetty.util.thread. > QueuedThreadP > > ool$3.run(QueuedThreadPool.java:555) > > at java.lang.Thread.run(Thread.java:744) > > Caused by: KrbException: Checksum failed > > at sun.security.krb5.internal.crypto.ArcFourHmacEType. > decrypt(ArcFourHma > > cEType.java:102) > > at sun.security.krb5.internal.crypto.ArcFourHmacEType. > decrypt(ArcFourHma > > cEType.java:94) > > at sun.security.krb5.EncryptedData.decrypt(EncryptedData.java:177) > > at sun.security.krb5.KrbApReq.authenticate(KrbApReq.java:278) > > at sun.security.krb5.KrbApReq.(KrbApReq.java:144) > > at sun.security.jgss.krb5.InitSecContextToken.( > InitSecContextToken > > .java:108) > > at sun.security.jgss.krb5.Krb5Context.acceptSecContext( > Krb5Context.java: > > 771) > > ... 19 more > > Caused by: java.security.GeneralSecurityException: Checksum failed > > at sun.security.krb5.internal.crypto.dk.ArcFourCrypto. > decrypt(ArcFourCry > > pto.java:408) > > at sun.security.krb5.internal.crypto.ArcFourHmac.decrypt( > ArcFourHmac.jav > > a:91) > > at sun.security.krb5.internal.crypto.ArcFourHmacEType. > decrypt(ArcFourHma > > cEType.java:100) > > ... 25 more > > > > Please help me to fix this . > > > Regards, > > > Mallieswari D > > On Wed, Oct 11, 2017 at 5:42 PM, rafa wrote: > >> Hi Mallieswari, >> >> The error: >> >> KrbException: Encryption type AES256 CTS mode with HMAC SHA1-96 is not >> supported/enabled >> >> points to JCE not installed or incorrectly installed in the JVM. >> >> What I have configured is : Phoenix query server connects itself to the >> secured cluster with a valid kerberos principal and keytab. >> >> The access to query server : sqlline-thin.py http://hostname:8765 >> >> Regards, >> rafa >> > > > > -- > Thanks and regards > D.Mallieswari > -- Thanks and regards D.Mallieswari