Configure TLS/SSL for Oozie
You can edit properties to enable TLS/SSL for Oozie, specify the keystore file location on the local file system, and set the password for the keystore.
- In Cloudera Manager, select the Oozie service.
- Click the Configuration tab.
- In the Search field, type TLS/SSL to show the Oozie TLS/SSL properties.
-
Edit the following TLS/SSL properties according to your cluster configuration.
Property Description Enable TLS/SSL for Oozie Check this field to enable TLS/SSL for Oozie. Oozie TLS/SSL Server JKS Keystore File Location Path to the keystore file on the local file system. Oozie TLS/SSL Server JKS Keystore File Password Password for the keystore file. Oozie TLS/SSL Client Trust Store File Path to the client truststore file. Oozie TLS/SSL Client Trust Store Password Password for the truststore file. -
If SSL is enabled for ZooKeeper, edit the following SSL properties:
Property Description Oozie ZooKeeper TLS/SSL Server JKS Keystore File Location Path to the keystore file. Oozie ZooKeeper TLS/SSL Server JKS Keystore File Password Password for the keystore file. Oozie ZooKeeper TLS/SSL Client Trust Store File Path to the client truststore file. Oozie ZooKeeper TLS/SSL Client Trust Store Password Password for the truststore file. -
Optionally, you can modify the values of the following properties:
- Enabled TLS Protocols - List of Cipher Suite names that should be excluded.
- Excluded Cipher Suites - TLS protocols accepted by the Oozie Server.
- Click Save Changes.
- Restart the Oozie service.
