Enabling TLS/SSL for Hue Load Balancer
To configure the Hue Load Balancer to use HTTPS or operate as a TLS/SSL server, you need a self-signed SSL certificate and a private key file. If the private key file is password protected, then you must configure the Hue Load Balancer to use the corresponding key password.
- Log in to Cloudera Manager as an Administrator.
- Go to Clusters > Hue service > Configuration > Scope > Load Balancer.
-
Enter the location of the file that contains the server certificate key for
TLS/SSL on the host running Hue Load Balancer in the Hue Load
Balancer TLS/SSL Server Certificate File (PEM Format)
field.
The certificate file must be in the Privacy-Enhanced Mail (PEM) format.
-
Enter the location of the TLS/SSL file that contains the private key used for
TLS/SSL on the host running Hue Load Balancer, in the Hue Load
Balancer TLS/SSL Server Private Key File (PEM Format)
field.
The certificate file must be in PEM format.
-
(Optional) If the private key file is password protected perform the following
steps:
-
Create a password file in your chosen security directory and insert the
private key password as shown in the following example:
echo "abc123" > /etc/security/password.txt
Whereabc123
is the private key password andpassword.txt
is the password file. -
Set the file ownership and permissions as shown in the following
example:
chown hue:hue password.txt chmod 700 password.txt
- Enter the path to the file containing the passphrase used to encrypt the private key of the Hue Load Balancer server in the Hue Load Balancer TLS/SSL Server SSLPassPhraseDialog field.
-
Create a password file in your chosen security directory and insert the
private key password as shown in the following example:
- Click Save Changes.
- Restart the Hue service.