2.1.2. Change the Current Master Key

To change the master key:

  • If you know the current master key or if the current master key has been persisted:

    1. Re-run the encryption setup command and follow the prompts.

      ambari-server setup-security
      1. Select 4 for Encrypt passwords stored in ambari.properties file.

      2. Enter the current master key when prompted if necessary (if it is not persisted or set as an environment variable).

      3. At the Do you want to reset Master Key prompt, enter yes.

      4. At the prompt, enter the new master key and confirm.

  • If you do not know the current master key:

    1. Remove encryption entirely, as described here.

    2. Re-run ambari-server setup-security as described here.

    3. Start or restart the Ambari Server.

      ambari-server restart