Use the following instructions to set up HTTPS for Nagios.
If you have not set up the truststore for Ambari Server previously.
Set up the Nagios server.
Log into the Nagios server host.
Create a self-signed certificate on the Nagios server host. For example:
openssl genrsa -out $nserver.key 2048 openssl req -new -key $nserver.key -out $nserver.csr openssl x509 -req -days 365 -in $nserver.csr -signkey $nserver.key -out $nserver.crt
Where
$nserver
is the Nagios server hostname.Install SSL on the Nagios server host.
yum install mod_ssl
Edit the SSL configuration file on the Nagios server host.
Using a text editor, open:
/etc/httpd/conf.d/ssl.conf
Add lines setting the certificate and key file names to the files you created above. For example:
SSLCertificateFile = $nserver.crt SSLCertificateKeyFile = $nserver.key
Disable HTTP access (optional)
Using a text editor, open:
/etc/httpd/conf/httpd.conf
Comment out the port 80 listener:
# Listen 80
Restart the
httpd
service on the Ganglia server host.service httpd restart
Set up and restart the Ambari Server.
Log into the Ambari Server.
Add the cert to the truststore on the Ambari Server host.
ambari-server setup-nagios-https
The setup script uses the truststore path and password you added to
ambari.properties
above.Restart the Server
ambari-server restart