Enabling TLS/SSL for CMA

Learn more about how to enable and configure TLS/SSL for Cloudera Migration Assistant (CMA) when deploying the CMA server locally or with Docker.

  • Ensure that you have a PKCS12 keystore created with the cma key alias. JKS keystore is also supported.
  1. Click Settings on the homepage of CMA.
  2. Enable TLS/SSL using the checkbox on the TLS Settings page.
  3. Provide the Keystore File Location.
  4. Provide the Keystore File Password.
  5. Select the Keystore Type from the drop-down menu.
  6. Provide a Key Alias.
  7. Provide the Keystore Key Password.
  8. Click Save.
  9. Click Restart after saving the TLS/SSL configurtations.
After restarting, the CMA server listens on the default port 8090 (HTTP) and 8093 (HTTPS), and all HTTP requests are redirected to the HTTPS port.