Cloudera Docs

Configure Lily HBase Indexer to use TLS/SSL

Although Cloudera recommends using AutoTLS, you also have the option to set up TLS manually for the Lily HBase Indexer.

To configure and enable Hadoop TLS/SSL for the Lily HBase Indexer (Key-Value Store Indexer) perform the following steps.
  1. Open the Cloudera Manager Admin Console and go to the Key-Value Store Indexer.
  2. Click the Configuration tab.
  3. Select Scope > All.
  4. Select Category > All.
  5. In the Search field, type TLS/SSL to show the Solr TLS/SSL properties.
  6. Edit the following TLS/SSL properties according to your cluster configuration.
    Table 1. Key-Value Store TLS/SSL Properties
    Property Description
    HBase Indexer TLS/SSL Certificate Trust Store File The location on disk of the truststore, in .jks format, used to confirm the authenticity of TLS/SSL servers that HBase Indexer might connect to. This is used when HBase Indexer is the client in a TLS/SSL connection. This truststore must contain the certificate(s) used to sign the service(s) being connected to. If this parameter is not provided, the default list of well-known certificate authorities is used instead.
    HBase Indexer TLS/SSL Certificate Trust Store Password (Optional) The password for the HBase Indexer TLS/SSL Certificate Trust Store File. This password is not required to access the truststore: this field can be left blank. This password provides optional integrity checking of the file. The contents of truststores are certificates, and certificates are public information.
  7. Restart the service.