09-15-2017 10:44 AM
09-20-2017 08:30 AM - edited 09-20-2017 08:30 AM
I think you're asking more information about the step 8. in our enabling TLS documentation, which recommends turning on authentication if you set up TLS.
In a CDH cluster, authentication is usually provided by kerberos, whereas encryption on the wire is provided by TLS. By turning on "Enable Kerberos Authentication for HTTP Web-Consoles" the webservices will require SPNEGO authentication, with a trusted kerberos principal. We've a documentation on Enable Kerberos Authentication for HTTP Web-Consoles as a part of our kerberos setup guide, and on setting up browsers for SPNEGO authentication. You can also find information about that authentication in the Apache documentation.
Do you have any specific questions about that?