Enable SSL for HttpFS
How to configure HttpFS to work over SSL.
- Edit the httpfs-env.sh script in the configuration directory:
    HTTPFS_SSL_ENABLED=true
    HTTPFS_SSL_KEYSTORE_FILE=$HOME/.keystore
    HTTPFS_SSL_KEYSTORE_PASS=password
- In the HttpFS tomcat/conf directory, replace the server.xml file with the ssl-server.xml file.
- Create an SSL certificate for the HttpFS server. As the httpfs Unix user, use the Java keytool command to create the SSL certificate:
    $ keytool -genkey -alias tomcat -keyalg RSA
  You will be asked a series of questions in an interactive prompt. It will create the keystore file, which will be named .keystore and located in the httpfs user home directory.
  The password you enter for “keystore password” must match the value of the HTTPFS_SSL_KEYSTORE_PASS environment variable set in the httpfs-env.sh script in the configuration directory.
  The answer to “What is your first and last name?” (i.e. “CN”) must be the host name of the machine where the HttpFS Server will be running.
- Start HttpFS. It should work over HTTPS.
- Utilizing the Hadoop FileSystem API or the Hadoop FS shell, use the swebhdfs:// scheme. Make sure the JVM is picking up the truststore containing the public key of the SSL certificate if you are using a self-signed certificate.
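A pre-flight check for the settings in the steps above, as an added example that is not part of the original documentation. It verifies the three HTTPFS_SSL_* variables and, because the keystore password is stored in clear text in httpfs-env.sh, that neither that file nor the keystore is accessible to group or other. The function names check_httpfs_ssl and private_file are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original page): lint the HttpFS SSL settings.
# Source this file, then run: check_httpfs_ssl /path/to/httpfs-env.sh
# Prints one line per finding; exit status is the number of problems found.

# Succeeds if FILE grants no permission bits to group or other.
private_file() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# The body runs in a subshell, so sourcing the env file cannot alter the caller.
check_httpfs_ssl() (
    env_file=$1
    problems=0
    fail() { echo "FAIL: $*"; problems=$((problems + 1)); }

    [ -r "$env_file" ] || { echo "FAIL: cannot read $env_file"; exit 1; }
    . "$env_file"

    [ "${HTTPFS_SSL_ENABLED:-}" = "true" ] ||
        fail "HTTPFS_SSL_ENABLED is not 'true'"

    ks=${HTTPFS_SSL_KEYSTORE_FILE:-}
    if [ -z "$ks" ]; then
        fail "HTTPFS_SSL_KEYSTORE_FILE is not set"
    elif [ ! -f "$ks" ]; then
        fail "keystore $ks does not exist (create it with keytool first)"
    elif ! private_file "$ks"; then
        fail "keystore $ks is accessible to group/other"
    fi

    case ${HTTPFS_SSL_KEYSTORE_PASS:-} in
        "")       fail "HTTPFS_SSL_KEYSTORE_PASS is not set" ;;
        password) fail "HTTPFS_SSL_KEYSTORE_PASS is still the sample value" ;;
    esac

    # The keystore password sits in this file in clear text.
    private_file "$env_file" ||
        fail "$env_file is accessible to group/other"

    [ "$problems" -eq 0 ] && echo "OK: HttpFS SSL settings look consistent"
    exit "$problems"
)
```

The CN requirement is not covered by this check; running `keytool -list -v -alias tomcat` as the httpfs user shows the certificate's owner field.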