Enabling mTLS between the HMS database and Cloudera Data Warehouse Private Cloud

In setups where mTLS is used for secure authentication and communication between HMS service and HMS databases, Cloudera Data Warehouse also supports setting up mTLS for this connectivity. The Hive MetaStore (HMS) pod in Cloudera Data Warehouse needs a client certificate and client private key to set up the mTLS authentication.

• Verify whether mTLS is configured on the Cloudera Private Cloud Base cluster and it is the only means of authentication to the HMS database. Perform this task only if you meet this condition.
• Ensure that the database client certificate and private key files are present on the Cloudera Private Cloud Base cluster.
• You must have an environment available that you want to activate in Cloudera Data Warehouse.

1. Log in to the Cloudera Data Warehouse service as DWAdmin.
2. Go to the Environment(s) tab and click Activate corresponding to the environment you want to activate in Cloudera Data Warehouse.
3. Browse and upload the database client certificate and database client private key in PEM format.
4. Click ACTIVATE.