Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

Need info or Kerberos and TLS/SSL

avatar
author-rank avsagar99
New Contributor

Created on ‎09-07-2021 06:25 AM - edited ‎09-16-2022 07:43 AM

Hi All,

 

Need the below info for the Cloudera Manager and CDH 5.16  free version.


1) kerberos support with free version of Cloudera Manager
2) mutual TLS/SSL and certificate rotation for free version.
3) Any secure key vault tool available with Cloudera

 

Thanks and Regards,

Sagar

 

595 Views
0 Kudos
1 REPLY 1

avatar
ask_bill_brooks author-rank
Moderator

Created on ‎09-07-2021 10:51 PM - edited ‎09-07-2021 11:05 PM

Hi @avsagar99 

Well, Cloudera Enterprise 5.16 became generally available in the Fall of 2018. As you no doubt are aware, that was quite a while ago, especially in terms of "internet time". Cloudera Enterprise 5.16 reached it's end of support date in December 2020 (open that link and then expand the section labeled "Cloudera Enterprise products" underneath Current End of Support (EoS) Dates). The current Enterprise Data Platform offered by Cloudera is Cloudera Data Platform (CDP), which in it's on-premises "form factor" is offered as CDP Private Cloud. CDP supersedes CDH as it is fairly up to date on all the included components, which is not the case with CDH 5.16.

 

There used to be an edition of CDH called "Cloudera Express" and many people interpreted the fact that versions of CDH called "Cloudera Enterprise" required a license to mean that "Cloudera Express" was "free". I'll take your use of the term "free version" as an indication that you're making this same assumption. You can read more about the differences between Cloudera Express and Cloudera Enterprise here: Managing Licenses. Cloudera Express was discontinued by Cloudera in the Winter of 2020, please see the announcement here: Cloudera Enterprise 6.3.3 Released

…scroll down to the subsection Important Note About Cloudera Express.

 

That being said, you can begin reading about using Kerberos on/with Cloudera Enterprise 5.16.x here: Kerberos Security Artifacts Overview.

 

You can find an overview of configuring TLS encryption for 5.16.x between Cloudera Manager Server and all cluster hosts here: Configuring TLS Encryption for Cloudera Manager.

 

As far as certificate rotation, you can read about that topic for Cloudera Enterprise 5.16.x here: How To Renew and Redistribute Certificates. Note that only TLS 1.2 is supported on CDH 5.16, so your plan to use that version of CDH may be self-defeating.

 

I don't quite know what you're referring to when you write "secure key vault tool". Assuming you are referring to key management tools that let you create the security artifacts needed for TLS/SSL, you can read about that for 5.16.x here: How To Obtain and Deploy Keys and Certificates for TLS/SSL.

 

 

Bill Brooks, Community Moderator
Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
565 Views
0 Kudos
Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements