I am trying to configure the tls encryption in my test cluster using self-signed certificate but not able to find step by step documentation.
Could anybody will share me the link to follow the steps?
Thanks in advance.
After following this till step 3 I have created a hostname.jks and hostname.csr file.
now to change the .csr file to .pem file do I need to follow this How to Use Self-Signed Certificates for TLS. and after completing this. I again to need to follow this ( Configuring TLS Encryption for Cloudera Manager) from step 4.
Have I understood correct??
Yes, the overall procedure is in Configuring TLS Encryption for Cloudera Manager but the certificate creation related instructions you can skip and used those from How to Use Self-Signed Certificates for TLS. Note that no CSR need to be created when using self-signed certificates, this is only needed if certificates are signed by a CA.
I am facing the same issue. how do we get rootca.pem when using self signed cert?
is there a special document to use TLS with just self signed cert?
it is quite confusing.
The same documentation chapters do apply, with the addition of How to Use Self-Signed Certificates for TLS chapter which has instructions for creating self-signed certificates.
As there is no CA certificate when using self-signed certificates, please add the server certificate of the service you are connecting to (e.g. CM server certificate) into the corresponding truststore file (like rootca.pem)