Configure TLS/SSL for Oozie

You can edit properties to enable TLS/SSL for Oozie, specify the keystore file location on the local file system, and set the password for the keystore.

  1. In Cloudera Manager, select the Oozie service.
  2. Click the Configuration tab.
  3. In the Search field, type TLS/SSL to show the Oozie TLS/SSL properties.
  4. Edit the following TLS/SSL properties according to your cluster configuration.
    Property Description
    Enable TLS/SSL for Oozie Check this field to enable TLS/SSL for Oozie.
    Oozie TLS/SSL Server JKS Keystore File Location Path to the keystore file on the local file system.
    Oozie TLS/SSL Server JKS Keystore File Password Password for the keystore file.
    Oozie TLS/SSL Client Trust Store File Path to the client truststore file.
    Oozie TLS/SSL Client Trust Store Password Password for the truststore file.
  5. If SSL is enabled for ZooKeeper, edit the following SSL properties:
    Property Description
    Oozie ZooKeeper TLS/SSL Server JKS Keystore File Location Path to the keystore file.
    Oozie ZooKeeper TLS/SSL Server JKS Keystore File Password Password for the keystore file.
    Oozie ZooKeeper TLS/SSL Client Trust Store File Path to the client truststore file.
    Oozie ZooKeeper TLS/SSL Client Trust Store Password Password for the truststore file.
  6. Optionally, you can modify the values of the following properties:
    • Enabled TLS Protocols - List of Cipher Suite names that should be excluded.
    • Excluded Cipher Suites - TLS protocols accepted by the Oozie Server.
  7. Click Save Changes.
  8. Restart the Oozie service.