Community Articles

apappu · ‎02-23-2017

1. Create keystore file first.

keytool -genkey -keyalg RSA -alias ooziehost -keystore keystore.jks -validity 360 -keysize 2048

2. Login to Ambari server and go to Oozie configurations.

3. Add below configurations under "Advanced oozie-env"

export OOZIE_HTTPS_PORT=11443
export OOZIE_HTTPS_KEYSTORE_FILE=/tmp/keystore.jks
export OOZIE_HTTPS_KEYSTORE_PASS=bigdata

4. Restart Oozie service from UI.

5. Now launch the Oozie UI from quick links - you should be able to access the URL

Note: Make sure to import the cert into Ambari Truststore.

KuldeepK · ‎10-31-2017

@amarnath reddy pappu - I believe we will have to regenerate war file in secure mode and restart Oozie service again.

su -l oozie -c "/usr/hdp/current/oozie-server/bin/oozie-setup.sh prepare-war -secure"

sroberts · ‎10-03-2018

This would result in the keystore pass being stored in plain-text.

Is there a more secure method of storing the keystore pass?

Steps to enable SSL for oozie UI