Overriding custom keystore alias on a Ranger KMS Server
Use this procedure to override the custom keystore alias on a Ranger KMS server.
The custom keystore alias may need to be overridden in the following scenarios:
- User has manually enabled TLS/SSL during fresh installations of Ranger KMS and Ranger KMS with Key Trustee Server (KTS), and the keystore alias was not added to the hostname.
- User has upgraded from CDP-DC 7.0.3 with Key Trustee KMS and Ranger to CDP-DC 7.1.1 (where Ranger KMS with KTS is added during the upgrade) in a TLS/SSL environment in which TLS/SSL was manually enabled, and the keystore alias was not added to the hostname.
Overriding custom keystore alias while configuring TLS/SSL on a single instance of Ranger KMS Server
- In Cloudera Manager, select Ranger KMS > Configuration, and and search for ranger.service.https.attrib.keystore.keyalias to set the custom alias value for the Ranger KMS Server TLS/SSL Keystore File Alias configuration parameter.
- Click Save Changes.
- Restart the Ranger KMS service.