Cloudera Docs

Configuring TLS/SSL encryption manually for Spark

You can enable TLS manually for the Spark History Server.

  1. In Cloudera Manager, select the Spark service from the Clusters drop-down menu.
  2. In the Configuration tab, enter tls into the search box.
  3. Edit the following property fields as needed for your cluster and environment:
    Property Description
    TLS/SSL Protocol The version of the TLS/SSL protocol to use when TLS/SSL is enabled.
    Enabled SSL/TLS Algorithms A comma-separated list of algorithm names to enable when TLS/SSL is enabled. By default, all algorithms supported by the JRE are enabled.
    TLS/SSL Port Number Port where to listen for TLS/SSL connections. HTTP connections will be redirected to this port when TLS/SSL is enabled.
    Enable TLS/SSL for History Server Encrypt communication between clients and History Server using Transport Layer Security (TLS) (formerly known as Secure Socket Layer (SSL)).
    History Server TLS/SSL Server JKS Keystore File Location The path to the TLS/SSL keystore file containing the server certificate and private key used for TLS/SSL. Used when History Server is acting as a TLS/SSL server. The keystore must be in JKS format.
    History Server TLS/SSL Server JKS Keystore File Password The password for the History Server JKS keystore file.
  4. Click Save Changes.
  5. Restart the Spark service.