Configuring TLS/SSL for Navigator Metadata Server

Cloudera Navigator supports TLS/SSL encryption for network communications between the Navigator Metadata Server and clients, such as the web browser used for Cloudera Navigator console. Typically, TLS/SSL is configured for the entire cluster, so it is possible that the server key and certificate already exist on the specific host running the Navigator Metadata Server role. The assumption in the steps below is that the cluster is already configured for TLS/SSL and the security artifacts have already been obtained and deployed to the host running the Navigator Metadata Server role instance.

  1. Log in to the Cloudera Manager Admin Console.
  2. Select Clusters > Cloudera Management Service.
  3. Click the Configuration tab.
  4. Select Scope > Navigator Metadata Server.
  5. Select Category > Security.
  6. Edit the following properties according to your cluster configuration.
    Property Description
    Enable TLS/SSL for Navigator Metadata Server Encrypt network communications between clients and Navigator Metadata Server using TLS/SSL.
    TLS/SSL Keystore File Location The path to the keystore file containing the server private key and certificate. The keystore must be in JKS format.
    TLS/SSL Keystore File Password The password for the Navigator Metadata Server JKS keystore file.
    TLS/SSL Keystore Key Password The password for the private key contained in the JKS keystore.
  7. Click Save Changes.
  8. Restart the Navigator Metadata Server role.