Community Articles
Find and share helpful community-sourced technical articles
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.
Labels (1)
Expert Contributor

The steps to set up Atlas with Ldaps (ssl) are below.

Download the AD CA certificate on Atlas instance

echo -n | openssl s_client -connect ad.xx.xx.com:636 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /root/ldaps-ca.cert

View the certificate

openssl x509 -noout -text -in /root/ldaps-ca.cert

Import the AD CA certificate to trust-store in Atlas instance.

$JAVA_HOME/bin/keytool -import -alias AD -keystore /home/nixon/ad-truststore -file /root/ldaps-ca.cert  

#remember the password used while importing into trust-store

Verify the certificate added to trust-store.

$JAVA_HOME/bin/keytool -list -alias AD -keystore /etc/atlas/conf/ad-truststore

Change ownership of trust-store if needed

chown atlas:hadoop /etc/atlas/conf/ad-truststore

Add the following config to Atlas Advanced atlas-env metadata_opts via Ambari, so that ATLAS_OPTS is set within atlas-env.sh

-Djavax.net.ssl.trustStore=/etc/atlas/conf/ad-truststore -Djavax.net.ssl.trustStorePassword=<password>

Or can be added as env variable in atlas_start.py for atlas java process.

1,075 Views
Don't have an account?
Coming from Hortonworks? Activate your account here
Version history
Revision #:
1 of 1
Last update:
‎11-20-2017 10:45 PM
Updated by:
 
Contributors
Top Kudoed Authors