Database setup details for Hue for TLS 1.2/TCPS-enabled databases
Hue automatically uses TLS 1.2 when you create a CDP cluster with the Auto-TLS option. You can also enable TLS in Hue configurations after you add the Hue service to your cluster using Cloudera Manager.
If TLS 1.2 is enabled on the database servers, and the databases are restricted or enforced to use TLS 1.2, then Hue automatically uses the TLS1.2-compatible ciphers to communicate with the database securely. You do not have to configure any setting in Hue's Advanced Configuration Snippet or any other configurations. This is applicable when using MySQL, MariaDB, or PostgreSQL databases as a backend database for Hue.
To restrict the MySQL and MariaDB databases to use TLS 1.2, set the value of the
require_secure_transport
to true
in the
my.cnf file.
To enable TLS 1.2 on the Hue instance, go to Enable TLS/SSL for Hue option.
and select theIf TCPS is enabled on the Oracle database, then you can specify the connection string
containing the TCPS
protocol in the Database SID
field.
- You must have enabled TLS 1.2 or TCPS on the Hue database.
- You must have created database users.
- You must have installed the MySQL client (for MySQL or MariaDB databases).
- You must have installed the psycopg2 Python package (for PostgreSQL database).