Support Questions

Find answers, ask questions, and share your expertise
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

Need help to revert back some changes i made through CM for level 1 tls

avatar
New Contributor

Hi All,

 

I am new to cdh and was trying to implement Kerberos in my cluster.

As a pre-requisite for installing kerberos, i had to implement Level 1 TLS (min) on my cluster.

So i started with the steps that are provided here: https://www.cloudera.com/documentation/enterprise/5-6-x/topics/cm_sg_config_tls_encr.html#topic_2.

I had completed all the steps and restarted cloudera-scm-agents in all the hosts and cloudera-scm-server in my NN.

But my cloudera-scm-server stops automatically after few secs.

I tried to revert back the changes but other than changing 'use_tls', i am unable to change Use TLS Encryption for Agents property which i changed through CM.

Due this my cluster as well as 7180 port doesn't start.

1) Can anybody let me know where exactly this property is located so that i can change it back through the command line?

    - Also, is this the right approach?

2) Can i now complete the pre-requisites and then try to start my cluster?

    - I saw that i have to use CM to enable HTTps Enable HTTPS for the Cloudera Manager Admin Console and Specify Server Keystore Properties for which i need to have CM, but since i am unable to start CM, what is the resolution.

3) Is reimaging the machines, the final option.

 

Also, can somebody explain the concept of having self signed in certificates and what is the need of certificates for availing security in CDH.

 

Thanks in advance!!!

 

Please help.

1 ACCEPTED SOLUTION

avatar
New Contributor

I changed the value to FALSE for agent_tls (was inside the config tables) in the postgre sql database and restared the cloudera-server.

It seems by enabling the use tls autentication for agents changed the value in the database.

 

The issue was fixed without any re-imaging.

View solution in original post

1 REPLY 1

avatar
New Contributor

I changed the value to FALSE for agent_tls (was inside the config tables) in the postgre sql database and restared the cloudera-server.

It seems by enabling the use tls autentication for agents changed the value in the database.

 

The issue was fixed without any re-imaging.