Modifying CM Server database configuration file

The scm_prepare_database.sh script checks the connection between the Cloudera Manager server and the database, and upon successful connection, it generates the /etc/cloudera-scm-server/db.properties file. This file includes the required configurations for the database connection.

You must follow the steps in this documenet to modify the db.properties file to add additional configuration for enabling TLS 1.2

  1. SSH into the CM Server host.
  2. Backup the db.properties file.
  3. Edit the /etc/cloudera-scm-server/db.properties file and add the following properties:
    com.cloudera.cmf.orm.hibernate.connection.url=jdbc:mysql://localhost:3306/mysql?useSSL=true&sslMode=VERIFY_CA &trustCertificateKeyStoreUrl=file:///etc/cdep-ssl-conf/CA_STANDARD/truststore.jks&trustCertificateKeyStoreType=jks&trustCertificateKeyStorePassword=cloudera&enabledTLSProtocols=TLSv1.2
  4. Restart CM Server.
    sudo systemctl restart cloudera-scm-server