Enabling TLS/SSL for the Hue Load Balancer

To configure the Hue Load Balancer to use HTTPS or to make it act as a TLS/SSL server, you need a self-signed SSL certificate and a private key file. If the private key file is password protected then you must configure the Hue Load Balancer to use the corresponding key password.

  1. Sign in to the Cloudera Manager web interface as an Administrator.
  2. Go to Clusters > $Hue service > Configuration > Scope > Load Balancer and search for SSL.
  3. Enter the path to the file containing the server certificate key for TLS/SSL on the host running Hue Load Balancer in the Hue Load Balancer TLS/SSL Server Certificate File (PEM Format) field.
    The certificate file must be in PEM format.
  4. Enter the path TLS/SSL file containing the private key used for TLS/SSL on the host running Hue Load Balancer in the Hue Load Balancer TLS/SSL Server Private Key File (PEM Format) field.
    The certificate file must be in PEM format.
  5. (Optional) If the private key file is password protected:
    1. Create a password file in your chosen security directory and insert the private key password as shown in the following example:
      echo "abc123" > /etc/security/password.txt
      Where abc123 is the private key password and password.txt is the password file.
    2. Set the file ownership and permissions as shown in the following example:
      chown hue:hue password.txt
      chmod 700 password.txt
    3. Enter the path to the file containing the passphrase used to encrypt the private key of the Hue Load Balancer server in the Hue Load Balancer TLS/SSL Server SSLPassPhraseDialog field.
  6. Click Save Changes.
  7. Restart the Hue service.