Setting up security

You need to turn off Kerberos and provide an authentication certificate on respective clusters before running HMS Mirror.

  1. Copy the cert.txt file to all the hosts in the destination CDP One cluster.
    $ mv cert.txt othercert.txt
    $ scp othercert.txt <path on CDP SaaS>
  2. Import the certificate into the keystore file on all the hosts of the destination cluster.
    /usr/java/default/bin/keytool -importcert -noprompt -v -trustcacerts -keystore /var/lib/cloudera-scm-agent/agent-cert/cm-auto-global_truststore.jks -alias cmrootca-1 -file ./othercert.txt --storepass [***truststore_password***]