Hi All,
I am new to cdh and was trying to implement Kerberos in my cluster.
As a pre-requisite for installing kerberos, i had to implement Level 1 TLS (min) on my cluster.
So i started with the steps that are provided here: https://www.cloudera.com/documentation/enterprise/5-6-x/topics/cm_sg_config_tls_encr.html#topic_2.
I had completed all the steps and restarted cloudera-scm-agents in all the hosts and cloudera-scm-server in my NN.
But my cloudera-scm-server stops automatically after few secs.
I tried to revert back the changes but other than changing 'use_tls', i am unable to change Use TLS Encryption for Agents property which i changed through CM.
Due this my cluster as well as 7180 port doesn't start.
1) Can anybody let me know where exactly this property is located so that i can change it back through the command line?
- Also, is this the right approach?
2) Can i now complete the pre-requisites and then try to start my cluster?
- I saw that i have to use CM to enable HTTps Enable HTTPS for the Cloudera Manager Admin Console and Specify Server Keystore Properties for which i need to have CM, but since i am unable to start CM, what is the resolution.
3) Is reimaging the machines, the final option.
Also, can somebody explain the concept of having self signed in certificates and what is the need of certificates for availing security in CDH.
Thanks in advance!!!
Please help.
