knox is not getting start, failing with error Gateway SSL Certificate is Expired

When you try to start knox then if it fails with following error then don’t worry, this article will help you to solve problem.

INFO hadoop.gateway ( logAndValidateCertificate(122)) – The Gateway SSL certificate is valid between:  FATAL hadoop.gateway ( (120)) – Failed to start gateway: ServiceLifecycleException: Gateway SSL Certificate is Expired.


Root cause: It is because of your gateway.jks file corrupted.

Resolution: So to solve this issue you need to follow given steps:

  • On the knox gateway locate the gateway.jks file — it is usually in the path /var/lib/knox/data*/security/keystores/gateway.jks

[knox@m1.hdp22 ~]$ ls -ltrh /var/lib/knox/data-*
-rw-r--r-- 1 knox knox 32 Aug 28 05:42 /var/lib/knox/data-
-rw-r--r-- 1 knox knox 1.4K Aug 28 05:42 /var/lib/knox/data-
-rw-r--r-- 1 knox knox 511 Aug 28 08:53 /var/lib/knox/data-

  • Move the original file gateway.jks to another directory as a backup copy
  • Restart the knox server