Created 07-06-2017 04:33 PM
Hi,
We are planning to enable https for Ranger Admin Web Interface.
We have already enable https for Amabri. Amabri and Ranger are in two different hosts. For Amabri we used CA Certs as below.
<ambari-host>.crt <ambari-host>.csr <ambari-host>.key
I see two posts on the community connection related to this topic.
1. Support KB Article
This doesn't talk about the need for certs or truststore setup.
2.
This talks about certs and truststores.
Does anyone has more insight into this information? Which one should we follow ?
Thanks
Bas
Created 07-07-2017 08:25 AM
I think this document will help you
Created 07-07-2017 01:02 PM
Thanks for your response. I looked at the document already. My question can we simply follow support article by @cdraper when we have ambari already enabled for SSL ? Or we need to create the keystore/truststore first and then configure?
Thanks
Bas
Created 07-07-2017 02:04 PM
Bas Madala you need to create ks/ts and then configure it in ranger and corresponding plugin configuration , the article you mentioned , just tells about enabling or disabling HTTPS for web UI.
Created 07-10-2017 02:47 PM
Thanks for the info. Our requirement is also just to enable HTTPS for web UI. We are not planning for enabling SSL for other HDP components. So does the article by @cdraper server that purpose?
Thanks
Bas
Created 07-07-2017 07:59 PM
Please follow the steps in https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.6.1/bk_security/content/configure_ambari_ranger... according to your env. Keystore/Truststore need to be properly setup.
2-way SSL is not required if you are using kerberos (from HDP 2.5 onwards)