Enabling mTLS between the HMS database and CDW on Private Cloud

In setups where mTLS is used for secure authentication and communication between the HMS service and the HMS database, Cloudera Data Warehouse (CDW) also supports mTLS for this connection. The Hive MetaStore (HMS) pod in CDW needs a client certificate and a client private key to set up the mTLS authentication.

  • Verify whether mTLS is configured on the CDP Base cluster and whether it is the only means of authentication to the HMS database. Perform this task only if this condition is met.
  • Ensure that the database client certificate and private key files are present on the CDP Base cluster.
  • You must have an environment available that you want to activate in CDW.
  1. Log in to the Data Warehouse service as DWAdmin.
  2. Go to the Environment(s) tab and click Activate next to the environment you want to activate in CDW.
  3. Browse and upload the database client certificate and database client private key in PEM format.
  4. Click ACTIVATE.
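
Before the upload in step 3, it helps to confirm that both files really are PEM, that the private key belongs to the certificate, and that the certificate has not expired. The following check is an added example, not part of the Cloudera documentation or product; it assumes `openssl` is installed on the host holding the files, and the function name and any file names you pass to it are hypothetical.

```bash
#!/bin/sh
# Added example (not Cloudera code): pre-upload check for the HMS database
# client certificate and private key. File names passed in are hypothetical.
# Return codes: 0 ok, 2 bad certificate, 3 bad key, 4 mismatch, 5 expired.
check_mtls_pair() {
    cmp_cert=$1
    cmp_key=$2

    # The upload step expects PEM, so reject DER or PKCS#12 input early.
    if ! grep -q -e '-----BEGIN CERTIFICATE-----' "$cmp_cert" 2>/dev/null ||
       ! openssl x509 -in "$cmp_cert" -noout >/dev/null 2>&1; then
        echo "certificate is not a parseable PEM X.509 file: $cmp_cert" >&2
        return 2
    fi
    if ! grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$cmp_key" 2>/dev/null; then
        echo "private key is not PEM: $cmp_key" >&2
        return 3
    fi

    # Derive the public key from each file. "-passin pass:" stops openssl from
    # prompting, so a passphrase-protected key fails here instead of hanging.
    cmp_pub_cert=$(openssl x509 -in "$cmp_cert" -noout -pubkey 2>/dev/null)
    if ! cmp_pub_key=$(openssl pkey -in "$cmp_key" -pubout -passin pass: 2>/dev/null); then
        echo "private key cannot be read (corrupt or passphrase-protected)" >&2
        return 3
    fi

    # The key must belong to the certificate for client authentication to work.
    if [ "$cmp_pub_cert" != "$cmp_pub_key" ]; then
        echo "private key does not match the certificate" >&2
        return 4
    fi

    # -checkend 0 exits non-zero when notAfter is already in the past.
    if ! openssl x509 -in "$cmp_cert" -noout -checkend 0 >/dev/null 2>&1; then
        echo "certificate has expired" >&2
        return 5
    fi

    # Show what is about to be uploaded so the operator can confirm identity.
    openssl x509 -in "$cmp_cert" -noout -subject -enddate
    return 0
}
```

Source the file and call `check_mtls_pair <certificate> <private key>`; a return code of 0 means the pair is consistent and ready to upload.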