Configuring TLS/SSL encryption manually for Spark
You can enable TLS manually for the Spark History Server.
- In Cloudera Manager, select the Spark service from the Clusters drop-down menu.
-
In the Configuration tab, enter
tls
into the search box. -
Edit the following property fields as needed for your cluster and
environment:
Property Description TLS/SSL Protocol The version of the TLS/SSL protocol to use when TLS/SSL is enabled. Enabled SSL/TLS Algorithms A comma-separated list of algorithm names to enable when TLS/SSL is enabled. By default, all algorithms supported by the JRE are enabled. TLS/SSL Port Number Port where to listen for TLS/SSL connections. HTTP connections will be redirected to this port when TLS/SSL is enabled. Enable TLS/SSL for History Server Encrypt communication between clients and History Server using Transport Layer Security (TLS) (formerly known as Secure Socket Layer (SSL)). History Server TLS/SSL Server JKS Keystore File Location The path to the TLS/SSL keystore file containing the server certificate and private key used for TLS/SSL. Used when History Server is acting as a TLS/SSL server. The keystore must be in JKS format. History Server TLS/SSL Server JKS Keystore File Password The password for the History Server JKS keystore file. - Click Save Changes.
- Restart the Spark service.