Modifying CM Server database configuration file

The script checks the connection between the Cloudera Manager server and the database, and upon successful connection, it generates the /etc/cloudera-scm-server/ file. This file includes the required configurations for the database connection.

You must follow the steps in this documenet to modify the file to add additional configuration for enabling TLS 1.2

  1. SSH into the CM Server host.
  2. Backup the file.
  3. Edit the /etc/cloudera-scm-server/ file and add the following properties:
    com.cloudera.cmf.orm.hibernate.connection.url=jdbc:mysql://localhost:3306/mysql?useSSL=true&sslMode=VERIFY_CA &trustCertificateKeyStoreUrl=file:///etc/cdep-ssl-conf/CA_STANDARD/truststore.jks&trustCertificateKeyStoreType=jks&trustCertificateKeyStorePassword=cloudera&enabledTLSProtocols=TLSv1.2
  4. Restart CM Server.
    sudo systemctl restart cloudera-scm-server