Enabling TLS/SSL for Hue Load Balancer

To configure the Hue Load Balancer to use HTTPS or operate as a TLS/SSL server, you need a self-signed SSL certificate and a private key file. If the private key file is password protected, then you must configure the Hue Load Balancer to use the corresponding key password.

  1. Log in to Cloudera Manager as an Administrator.
  2. Go to Clusters > Hue service > Configuration > Scope > Load Balancer.
  3. Enter the location of the file that contains the server certificate key for TLS/SSL on the host running Hue Load Balancer in the Hue Load Balancer TLS/SSL Server Certificate File (PEM Format) field.
    The certificate file must be in the Privacy-Enhanced Mail (PEM) format.
  4. Enter the location of the TLS/SSL file that contains the private key used for TLS/SSL on the host running Hue Load Balancer, in the Hue Load Balancer TLS/SSL Server Private Key File (PEM Format) field.
    The certificate file must be in PEM format.
  5. (Optional) If the private key file is password protected perform the following steps:
    1. Create a password file in your chosen security directory and insert the private key password as shown in the following example:
      echo "abc123" > /etc/security/password.txt
      Where abc123 is the private key password and password.txt is the password file.
    2. Set the file ownership and permissions as shown in the following example:
      chown hue:hue password.txt
      chmod 700 password.txt
    3. Enter the path to the file containing the passphrase used to encrypt the private key of the Hue Load Balancer server in the Hue Load Balancer TLS/SSL Server SSLPassPhraseDialog field.
  6. Click Save Changes.
  7. Restart the Hue service.