New Contributor
Posts: 7
Registered: ‎08-17-2017

Setup SSL on Hadoop UI and SOLR on AD Kerberos integration


We have setup Hadoop on Cloudera 5.12 with AD and kerberos integration with VPC setup.   Now we need to enable SSL for all UI (including Hue and NN UI etc).
With the option selected for "enable SSL in HDFS" in the config files using CM - we have been able to block access to the UI but the UI does not authenticate any AD user.   We have searched for the documentation on SSL and does not seem to get much details.  We need your help in understanding how to setup SSL and securely access the UI with proper authentcation.  We are connecting to AWS cluster over VPN for our Hadoop platform. 
Cloudera Employee
Posts: 31
Registered: ‎05-29-2017

Re: Setup SSL on Hadoop UI and SOLR on AD Kerberos integration

[ Edited ]

Hi Rabk,

I think you're asking more information about the step 8. in our enabling TLS documentation, which recommends turning on authentication if you set up TLS.

In a CDH cluster, authentication is usually provided by kerberos, whereas encryption on the wire is provided by TLS. By turning on "Enable Kerberos Authentication for HTTP Web-Consoles" the webservices will require SPNEGO authentication, with a trusted kerberos principal. We've a documentation on Enable Kerberos Authentication for HTTP Web-Consoles as a part of our kerberos setup guide, and on setting up browsers for SPNEGO authentication. You can also find information about that authentication in the Apache documentation.

Do you have any specific questions about that?