08-29-2017 07:35 AM
We are setting up Cloudera Hadoop Cluster with 6 DN 1 NN 1 Edge Node and 1 Utility Node.
My Question is simple which all nodes ( machine ) I need to generate CSR (Certificate) ?
I am planning to generate 3 CSR
1 on NM with FQDN
1 on Cloudera manager with FQDN
1 on DN with wildcard (which can be copied across all DN )
09-06-2017 08:37 AM
Wildcard certificates are only working from CDH 5.10, which version do you plan to install?
A valid certificate is required for all nodes. In case of a wildcard certificate, it may be used on multiple nodes where it matches the hostname. If all of the DNs FQDN is matching the wildcard certificate, and your cluster version is at least 5.10.0, than I don't see any problems with your setup.