Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

SSL for cloudera manager

avatar
author-rank JobBranwl
Explorer

Created ‎09-13-2023 10:44 PM

Hello,

I'm setting up new cluster for educational purposes and configuring SSL using case 2 "Enabling Auto-TLS with an intermediate CA signed by an existing Root CA ", I just installed cloudera manager and enabled the kerbros using Free IPA & created the certificates using JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk /opt/cloudera/cm-agent/bin/certmanager setup --configure-services --stop-at-csr. But when I sign the csr from the IPA server I got the attached error,, Any help please

Note: I'm using the user that automatically created by cloudera manager when setting the kerbros as principle, for more info >>  Step 3: Create the Kerberos Principal for Cloudera Manager Server | CDP Private Cloud

Screenshot 2023-09-14 084046.png

737 Views
0 Kudos
1 REPLY 1

avatar
author-rank Rajat_710 author-rank
Super Collaborator

Created ‎04-21-2024 11:38 PM

hi, @JobBranwl not sure how free IPA works, but it looks like whichever user you are using to generate this cart does not match the certificate CommanName i.e., CN. You might need to check on that part.

473 Views
0 Kudos
Announcements
Product Announcements
Introducing Cloudera 7.3.1: Unified Runtime, Modernized Vers...
What's New @ Cloudera
Performance comparison of Spark3 on YARN with S3 Standard VS...
What's New @ Cloudera
Cloudera Operational Database supports assigning ODAdmin rol...
What's New @ Cloudera
Security-Enhanced Linux (SELinux) support in Cloudera Operat...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
View More Announcements