Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

What extension file does Hue Configuration for SSL

Labels:
avatar
author-rank HDFS
Expert Contributor

Created on ‎10-13-2014 10:44 AM - edited ‎09-16-2022 02:09 AM

SSL.jpg

 

Hi,

 

Does ssl_certificate accepts only as .crt file extension or .pem or .cer or .der also works?

 

because when i did ssl with self signed certificate everything hue starts but when i did with Microsoft generated ssl certificate and key it gave me this error

 

OpenSSL.SSL.Error: [('PEM routines', 'PEM_read_bio', 'no start line'), ('SSL

routines', 'SSL_CTX_use_certificate_file', 'PEM lib')]

 

 

2,791 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank HDFS
Expert Contributor

Created ‎10-13-2014 06:47 PM

Thanks alot,

 

I got this issue resolved.

The certificate generated from IIS Microsoft was not correct

Once i got the ptx format for certificate.

I extracted the key and certificate from .ptx format as .key and .crt file like

 

For the key:-

openssl pkcs12 -in [yourfile.pfx] -nocerts -out [keyfile-encrypted.key]

 

For the certificate

openssl pkcs12 -in [yourfile.pfx] -clcerts -nokeys -out [certificate.crt]

 

Just gave all the rights to both key and cert and made the key passphrase less. as

 

cp [server.key] [server.key.org]

openssl rsa -in [server.key].org -out [server.key]

 

and gave the path of key and cert in Hue.

View solution in original post

2,779 Views
0 Kudos
3 REPLIES 3

avatar
author-rank HDFS
Expert Contributor

Created ‎10-13-2014 10:46 AM

SSL.jpg

2,789 Views
0 Kudos

avatar
author-rank bgooley author-rank
Master Guru

Created ‎10-13-2014 11:20 AM

The extension does not matter, but the format does.  The file should be in "PEM" format.  It should contain these lines:

 

-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----

 

-Ben

2,784 Views
0 Kudos

avatar
author-rank HDFS
Expert Contributor

Created ‎10-13-2014 06:47 PM

Thanks alot,

 

I got this issue resolved.

The certificate generated from IIS Microsoft was not correct

Once i got the ptx format for certificate.

I extracted the key and certificate from .ptx format as .key and .crt file like

 

For the key:-

openssl pkcs12 -in [yourfile.pfx] -nocerts -out [keyfile-encrypted.key]

 

For the certificate

openssl pkcs12 -in [yourfile.pfx] -clcerts -nokeys -out [certificate.crt]

 

Just gave all the rights to both key and cert and made the key passphrase less. as

 

cp [server.key] [server.key.org]

openssl rsa -in [server.key].org -out [server.key]

 

and gave the path of key and cert in Hue.

2,780 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements