Managing CA certificates for Cloudera AI Workbench
Learn how to ensure that workbenches securely connect to internal resources protected
by certificates.
Only Administrators are authorized to manage CA certificates in the Cloudera AI Workbench, including uploading or refreshing them.
Cloudera recommends generating a private root CA
with the Basic Constraints extension set to
CA:TRUE and creating endpoint certificates that include a valid
and accurate Subject Alternative Name (SAN).
Upload the certificates to the Cloudera AI Workbench.
In the Cloudera
console, click the Cloudera AI tile.
The Cloudera AI Workbenches page displays.
Select the required workbench.
The Home page of the workbench is
displayed.
Select the View Workbench Details action from
the Actions drop-down list.
Scroll to the CA Certificates section on the
Details page.
Upload the certificate to the CA Certificate
section and click the Upload button.
Refresh certificates.
Use this action to activate the newly uploaded certificates and to refresh
Workbench services with the updated certificate content. If you have already
navigated to the required workbench, the Step 1 and Step 2 are optional.
Optional: In the Cloudera
console, click the Cloudera AI tile.
The Cloudera AI Workbenches page displays.
Optional: Select the required workbench.
The Home page of the workbench is
displayed.
Select the Actions menu from the top-right
navigation menu and select the Refresh
Certificate action.
This operation merges the latest certificates from the Platform
truststore with the CA certificates specific for the Cloudera AI Workbench. It then restarts the Cloudera AI services to recognize the combined
certificates and establish a secure connection with the CA certificate
endpoints.
