You must configure the Oozie client if TLS/SSL is enabled in your cluster. You can
configure the Oozie command line client using either the JDK certificate store or using the
trust-store file.
Using JDK Certificate Store
-
Import the certificate into the JDK certificate store. For example,
keytool -keystore </usr/java/default/lib/security/cacerts> -import -trustcacerts -alias autotls -file </opt/cloudera/CMCA/trust-store/cm-auto-global_cacerts.pem> --storepass changeit -noprompt
You must specify the JDK/JRE certificate file location with the -keystore parameter and the certificate you want to import with the -file parameter.
Using Trust Store
-
Manually specify the trust-store and trust-store password for the Oozie command line client. For example,
oozie -Djavax.net.ssl.trustStore={trustStoreFile} -Djavax.net.ssl.trustStorePassword={trustStorePassword} jobs -oozie https://{oozieHost}:{ooziePort}/oozie