I read the documentation but I am not able to, I have .crt file and .key file and .PFX file. Is that all is needed.
STEP 1: Get certificate from ambari-server echo | openssl s_client -showcerts -connect <AMBARI_HOst>:<AMBARI_HTTPs_PORT> 2>&1 | sed --quiet '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/ambari_certificate.cr STEP 2: Get path of ambari trustore and truststore password from Ambari properties cat /etc/ambari-server/conf/ambari.properties |grep truststore As per your ambari.properties below is the path and password :- ssl.trustStore.password=refer from ambari.property file ssl.trustStore.path=/etc/ambari-server/conf/ambari-server-truststore STEP 3: keytool -importcert -file /tmp/ambari_certificate.crt -keystore <keystore-path> STEP 4: ambari-server restart
Yes I did followed the same step but not using the self-signed cert. When I tried I did got couple of warning but the SSL configuration wasn't that clean but it worked. Port 8443 was open and could connect. But then I noticed that all earlier created HIVE Views are not displaying any data. It was giving error. I think I posted that error on another thread.
@Prakash Punj Let me take a look on the other thread.
Trust Store Setup - If you plan to use Ambari Views with your Ambari Server, after enabling SSL for Ambari using the instructions below, you must also configure a Truststore for the Ambari Server. Refer to Set Up Truststore for Ambari Server for more information.
I believe we can close this thread.
One more question, after setting this trust-store, do I need to do the same step again to re install the certificates ?
SSL is already working on Ambari-Server