Cloudera Docs

Set up the external databases

You must set up the external databases to be used with CDP Private Cloud Data Services. You must enable the base cluster PostgreSQL database to use an SSL connection to encrypt client-server communication as a requirement for Cloudera Data Warehouse (CDW) data service.

To set up the external databases for CDP Private Cloud Data Services with SSL, complete the following steps:

  1. Install PostgreSQL 10 or 12.
  2. In the postgresql.conf file, set the following parameters:
    • parameters listen_addresses = '*'
    • max_connections = 1000
  3. In the pg_hba.conf file, add the following lines:
    host all all 0.0.0.0/0 md5
host all all ::/0 md5
  4. Place a leaf certificate, and the certificate's private key on the Postgres server.
  5. Set ssl=on in the postgresql.conf file.
  6. In the postgresql.conf file, set the following parameters
    • Set the ssl_cert_file parameter to the location of the leaf certificate.
    • Set the ssl_key_file parameter to the location of the key file.
  7. When you are prompted during the installation, upload the CA certificate that signed the leaf certificate.
  8. Restart the Postgres server.