I'm a little of bit lost to setup SSL for ambari WebUi.
Here is my lab environment.
I have an ambari server and a MS active directory with Certificate Authority and Web enrolment service configured.
I generated ambari_fqdn.csr, ambari_fqdn.crt and ambari_fqdn.key (using openssl as described in this tuto https://community.hortonworks.com/articles/39865/enabling-https-for-ambariserver-and-troubleshootin.....
Any help for the next steps will be appreciate.
You will need to import MS Active directory certificate to Ambari Server's truststore else while ambari server will try to fetch user details from AD you might see some SSL exception if you have not imported AD certificate to Ambari Server's truststore.
The mentioned article shows how to setup Ambari Server trust store.
Are you getting any error exception?
Thanks for your answer.
Before configure trustore, I though that I need to sign my certificates with MS AD. For doing this, here are my questions:
If you want to create a temporary self-signed certificate then you can refer to the following to know more about it: https://docs.hortonworks.com/HDPDocuments/Ambari-18.104.22.168/bk_ambari-security/content/optional_set_up_...
It also talks about the formats that are supported and should be used for the certificates.
We can configure "jks/jceks/pkcs12" type of truststore for Ambari Server. We can import .pem / .crt / .cer etc.... format of certificate without any issue. For more detailed example we can refer to:
Finally It works, here are what I did, it could help someone else.