Enabling TLS/SSL for CMA

Learn more about how to enable and configure TLS/SSL for Cloudera Migration Assistant (CMA) when deploying the CMA server locally or with Docker.

• Ensure that you have a PKCS12 keystore created with the cma key alias. JKS keystore is also supported.

1. Click Settings on the homepage of CMA.

   

2. Enable TLS/SSL using the checkbox on the TLS Settings page.

   

3. Provide the Keystore File Location.
4. Provide the Keystore File Password.
5. Select the Keystore Type from the drop-down menu.
6. Provide a Key Alias.
7. Provide the Keystore Key Password.
8. Click Save.
9. Click Restart after saving the TLS/SSL configurtations.

After restarting, the CMA server listens on the default port 8090 (HTTP) and 8093 (HTTPS), and all HTTP requests are redirected to the HTTPS port.