TLS Encryption

Transport Layer Security (TLS) is an industry standard set of cryptographic protocols for securing communications over a network. To encrypt sensitive information between the Cloudera Manager Server and cluster hosts, you must enable TLS.

You can choose to enable Auto-TLS or manually configure TLS.

Auto-TLS simplifies the process of enabling and managing TLS encryption on your cluster. When you enable Auto-TLS, an internal certificate authority (CA) is created and certificates deployed automatically across all cluster hosts. For more information on Auto-TLS, see Configuring TLS Encryption for Cloudera Manager Using Auto-TLS.

If you choose to enable TLS manually, you must create the TLS certificates making sure the certificates meet the requirements. Then configure Cloudera Manager and Schema Registry.