Perform the following task to enable SSL with the HBase REST API.
Execute the following statement from the command line of the HBase Master server to create a keystore for HBase:
keytool -genkey -alias hbase -keyalg RSA -keysize 1024 -keystore hbase.jks
Add the following properties to the
hbase-site.xml
configuration file on each node in your HBase cluster:<property> <name>hbase.rest.ssl.enabled</name> <value>true</value> </property> <property> <name>hbase.rest.ssl.keystore.store</name> <value>/path/to/keystore</value> </property> <property> <name>hbase.rest.ssl.keystore.password</name> <value>keystore password</value> </property> <property> <name>hbase.rest.ssl.keystore.keypassword</name> <value>key password</value> </property>
Restart all HBase nodes in the cluster.
Note | |
---|---|
When using a self-signed certificate, administrators must manually add the certificate to the JVM truststore on all HBase clients. |