Enable server-server mutual authentication

You can enable mutual authentication between multiple ZooKeeper Servers.

Support for mutual authentication between ZooKeeper Servers can be enabled through the Cloudera Manager Admin Console. For secured networks, server-to-server authentication is considered an optional security enhancement, so the capability is disabled by default:

Server-to-server SASL authentication requires all servers in the ZooKeeper ensemble to authenticate using Kerberos.

  1. In Cloudera Manager, select the ZooKeeper service.
  2. Click the Configuration tab.
  3. Search for sasl.
  4. Find the Enable Server to Server SASL Authentication and select it.
  5. Click Save Changes.
  6. Click the Actions button.
  7. Select Restart.