Community Articles
Find and share helpful community-sourced technical articles
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.
Labels (2)

1. Create keystore file first.

keytool -genkey -keyalg RSA -alias ooziehost -keystore keystore.jks -validity 360 -keysize 2048

2. Login to Ambari server and go to Oozie configurations.

3. Add below configurations under "Advanced oozie-env"

export OOZIE_HTTPS_PORT=11443
export OOZIE_HTTPS_KEYSTORE_FILE=/tmp/keystore.jks

4. Restart Oozie service from UI.

5. Now launch the Oozie UI from quick links - you should be able to access the URL


Note: Make sure to import the cert into Ambari Truststore.

Super Guru

@amarnath reddy pappu - I believe we will have to regenerate war file in secure mode and restart Oozie service again.

su -l oozie -c "/usr/hdp/current/oozie-server/bin/ prepare-war -secure"

This would result in the keystore pass being stored in plain-text.

Is there a more secure method of storing the keystore pass?

Don't have an account?
Coming from Hortonworks? Activate your account here
Version history
Revision #:
1 of 1
Last update:
‎02-23-2017 05:20 PM
Updated by:
Top Kudoed Authors