Community Articles

Find and share helpful community-sourced technical articles.
Labels (2)
avatar

1. Create keystore file first.

keytool -genkey -keyalg RSA -alias ooziehost -keystore keystore.jks -validity 360 -keysize 2048

2. Login to Ambari server and go to Oozie configurations.

3. Add below configurations under "Advanced oozie-env"

export OOZIE_HTTPS_PORT=11443
export OOZIE_HTTPS_KEYSTORE_FILE=/tmp/keystore.jks
export OOZIE_HTTPS_KEYSTORE_PASS=bigdata

4. Restart Oozie service from UI.

5. Now launch the Oozie UI from quick links - you should be able to access the URL

https://OOZIEHOST:11443/oozie/

Note: Make sure to import the cert into Ambari Truststore.

3,348 Views
Comments
avatar
Master Guru

@amarnath reddy pappu - I believe we will have to regenerate war file in secure mode and restart Oozie service again.

su -l oozie -c "/usr/hdp/current/oozie-server/bin/oozie-setup.sh prepare-war -secure"
avatar

This would result in the keystore pass being stored in plain-text.

Is there a more secure method of storing the keystore pass?