Configuring SSL/TLS certificate exchange between two Cloudera Manager instances
The Replication Manager configures replication peers between two clusters before running the replication job. You can manually set up an SSL/TLS certificate exchange between two Cloudera Manager instances that manage source and target cluster respectively. Replication Manager uses this information to set up the peers for secure data replication.
-
Go to the truststore location in source Cloudera Manager, and
perform the following steps:
-
Go to the truststore location in target Cloudera Manager, and
perform the following steps:
- List the contents of the keystore file and password using the [***keytool path***] -list -keystore [***truststore JKS file location ***] -storepass [***truststore password***] command.
- Export the certificate contents in the host to a file using the [***keytool***] -exportcert -keystore [***truststore JKS file location ***] -alias [***cm_alias_on_dest_cm***] -file ./[***TXT file, for example: dest-cert.txt***] -storepass [***truststore_password***] command.
- Copy the text file to all the hosts of the source cluster Cloudera Manager securely using the scp -i [***PEM file***] [***TXT file - dest-cert.txt***] root@[***host_ip***]:/home/ command.
- Import the certificate into the keystore file on all the hosts of the source Cloudera Manager using the [***keytool***] -importcert -noprompt -v -trustcacerts -keystore [***truststore JKS file location ***] -alias [***cm_alias_on_src_cm***] -file ./[***TXT file - dest-cert.txt***] --storepass [***truststore_password***] command.