This is the documentation for Cloudera Enterprise 5.8.x. Documentation for other versions is available at Cloudera Documentation.

Configuring TLS/SSL for the Cloudera Navigator Data Management Component

  Important: The following instructions assume you have a Java keystore set up on the Navigator Metadata Server host.
To enable SSL communication between the Cloudera Navigator Metadata Server and its clients:
  1. Open the Cloudera Manager Admin Console and go to the Cloudera Management Service.
  2. Click the Configuration tab.
  3. Select Scope > Navigator Metadata Server.
  4. Select Category > Security.
  5. Edit the following properties according to your cluster configuration.
    Property Description
    Enable TLS/SSL for Navigator Metadata Server Encrypt communication between clients and Navigator Metadata Server using Transport Layer Security (TLS) (formerly known as Secure Socket Layer (SSL)).
    TLS/SSL Keystore File Location The path to the TLS/SSL keystore file containing the server certificate and private key used for TLS/SSL. Used when Navigator Metadata Server is acting as a TLS/SSL server. The keystore must be in JKS format.
    TLS/SSL Keystore File Password The password for the Navigator Metadata Server JKS keystore file.
    TLS/SSL Keystore Key Password The password that protects the private key contained in the JKS keystore used when Navigator Metadata Server is acting as a TLS/SSL server.
  6. Click Save Changes to commit the changes.
  7. Restart the Navigator Metadata Server.
  8. Restart Impala.
  Note: Once you have enabled TLS/SSL, the Quick Links in Cloudera Manager pointing to the Cloudera Navigator UI will not work as they use HTTP, not HTTPS.
Page generated July 8, 2016.