What needs to be done to make Cloudera Manger use https?
By default it is using http.
If Hadoop hosts communicate on the internal network (and data nodes are not known to DNS on external network) but Hue/CM host is a gateway and faces both networks, do I need different certificates on the internal and external networks (considering that IP addresses and hostnames are different)? One certificate for external web clients connecting to external interface of Hue/CM server (which is known to DNS and for which I can request CA-signed certificate) and the other certificate for communication on the internal network (not known to DNS and for which I probably cannot request CA-signed certificate but have to generate my own) with various Hadoop services? Would Kerberos work if I only use TLS to secure communication between a web browser on the external network and CM (Level 1 TLS) or do I have to go all the way to Level 3 TLS before enabling Kerberos?