@AppaRao,   We are working on publishing this publicly, but for now on CM/5.13.1 and higher:   (1)   Cloudera Manager:   Update java.security for the Java version used by Cloudera Manager:   - Open $JAVA_HOME/jre/lib/security/java.security in an editor Add or replace this line: - jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, MD5withRSA, DH keySize < 768, 3DES_EDE_CBC   (2)   Impala:   There are two different mechanisms to get TLS 1.2 support, depending on your operating system. On RHEL/CentOS 7, add the following to a CM Configuration Snippet (Safety Valve).   Impala on RHEL/CentOS 7 In CM, add the following parameter in Impala's safety valve: Impala Command Line Argument Advanced Configuration Snippet (Safety Valve) -ssl_minimum_version=tlsv1.2   On RHEL/CentOS 6, the above flag unfortunately does not work. Add the following instead:   Impala on RHEL/CentOS 6   In CM, add the following parameter in Impala's safety valve: Impala Command Line Argument Advanced Configuration Snippet (Safety Valve) -ssl_cipher_list=DEFAULT:!aNULL:!eNULL:!LOW:!EXPORT:!SSLv2:!SSLv3:!TLS1     ... View more