Hadoop Security Guide
Also available as:
PDF
loading table of contents...

Configuring Ranger for LDAP SSL

You can use the following steps to configure LDAP SSL using self-signed certs in the default Ranger User Sync TrustStore.

  1. The default location is /usr/hdp/current/ranger-usersync/conf/mytruststore.jks for the ranger.usersync.truststore.file property.

  2. Alternatively, copy and edit the self-signed ca certs.

  3. Set the ranger.usersync.truststore.file property to that new cacert file.

    cd /usr/hdp/<version>/ranger-usersync 
    service ranger-usersync stop 
    service ranger-usersync start

    Where cert.pem has the LDAPS cert.