Configuring Wire Encryption
Also available as:
PDF
loading table of contents...

SSL for Apache Atlas Credential Provider Utility Script

How to create the credential provider for Atlas when enabling SSL for Atlas.

In order to prevent the use of clear-text passwords, the Atlas platform uses the Credential Provider facility for secure password storage (see the Hadoop Credential Command Reference for more information about this facility). The cputil script can be used to create the required password store.

To create the credential provider for Atlas:

  1. Switch to the Atlas bin directory: cd /usr/hdp/current/atlas-server/bin.
  2. Run the following command: ./cputil.py.
  3. When prompted, enter the path for the generated credential provider. The format for the path is: /local/file/path/file.jceks.

    Only one absolute path is allowed. The credential provider files generally use the .jceks extension.

  4. When prompted, enter the passwords for the keystore, truststore, and server key (these passwords must match the passwords used when actually creating the associated certificate store files).
  5. The credential provider is generated and saved to the specified path.