Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

LDAP no longer supported

Labels:
avatar
author-rank cpuengr
Explorer

Created on ‎10-06-2016 03:38 PM - edited ‎09-16-2022 03:43 AM

I set up my kerberized cluster with LDAP a long time ago. I am now trying to add services after upgrading to CM 5.8.2 which require more kerberos accounts on AD, and it looks like it only supports LDAPS. Is this correct? 

I can add LDAPS to my AD server, but where do I put the certificate on CM?

 

Thank You

2,015 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank rufusayeni author-rank
Rising Star

Created ‎10-06-2016 07:34 PM

Hello,

 

The AD certificate goes in the JVM keystore on CM:

 

1. On the domain controller, export the certificate in the "Base-64 encoded X.509 (.CER) format.

 

2. Copy the file to the Cloudera Manager host using an SCP/SSH tool such as WinSCP.

 

3. Import the certificate into your JVM keystore:

 

keytool -import -alias <alias-for-cert> -file <path-to-cert> -keystore <path-to-keystore> -storepass <keystore password>

Note: The truststore is usually located at: $JAVA_HOME/jre/lib/security/cacerts.

View solution in original post

2,006 Views
1 REPLY 1

avatar
author-rank rufusayeni author-rank
Rising Star

Created ‎10-06-2016 07:34 PM

Hello,

 

The AD certificate goes in the JVM keystore on CM:

 

1. On the domain controller, export the certificate in the "Base-64 encoded X.509 (.CER) format.

 

2. Copy the file to the Cloudera Manager host using an SCP/SSH tool such as WinSCP.

 

3. Import the certificate into your JVM keystore:

 

keytool -import -alias <alias-for-cert> -file <path-to-cert> -keystore <path-to-keystore> -storepass <keystore password>

Note: The truststore is usually located at: $JAVA_HOME/jre/lib/security/cacerts.

2,007 Views
Announcements
Community Announcements
Welcome to the Cloudera Community!
Community Announcements
September 2025 Community Highlights
What's New @ Cloudera
Upgrade Your Spark Experience: Introducing CDS 3.5 for Cloud...
Community Announcements
August 2025 Community Highlights
Community Announcements
July 2025 Community Highlights
View More Announcements