Configuring TLS/SSL for Cloudera Navigator Metadata Server

Cloudera Navigator supports TLS/SSL encryption for network communications between the Navigator Metadata Server and clients, such as the web browser used for Cloudera Navigator console. Typically, TLS/SSL is configured for the entire cluster, so it is possible that the server key and certificate already exist on the specific host running the Navigator Metadata Server role because that role runs on the same host as Cloudera Management Server. See Configuring Cloudera Manager Clusters for TLS/SSL for more information about configuring TLS/SSL for Cloudera Manager clusters.
  1. Open the Cloudera Manager Admin Console and go to the Cloudera Management Service.
  2. Click the Configuration tab.
  3. Select Scope > Navigator Metadata Server.
  4. Select Category > Security.
  5. Edit the following properties according to your cluster configuration.
    Property Description
    Enable TLS/SSL for Navigator Metadata Server Encrypt network communications between clients and Navigator Metadata Server using TLS/SSL.
    TLS/SSL Keystore File Location The path to the TLS/SSL keystore file containing the server certificate and private key used for TLS/SSL. Used when Navigator Metadata Server is acting as a TLS/SSL server. The keystore must be in JKS format.
    TLS/SSL Keystore File Password The password for the Navigator Metadata Server JKS keystore file.
    TLS/SSL Keystore Key Password The password that protects the private key contained in the JKS keystore used when Navigator Metadata Server is acting as a TLS/SSL server.
  6. Click Save Changes.
  7. Restart the Navigator Metadata Server role.
  8. Restart Impala.