Managing Apache Kudu SecurityPDF version

Configure HTTPS encryption

Lastly, you enable TLS/SSL encryption (over HTTPS) for browser-based connections to both the Kudu master and tablet server web UIs.

  1. Go to the Kudu service.
  2. Click the Configuration tab.
  3. Select Category > Security.
  4. In the Search field, type TLS/SSL to show the relevant properties.
  5. Edit the following properties according to your cluster configuration:
    Field Usage Notes
    Master TLS/SSL Server Private Key File (PEM Format)

    Set to the path containing the Kudu master host's private key (PEM-format). This is used to enable TLS/SSL encryption (over HTTPS) for browser-based connections to the Kudu master web UI.

    Tablet Server TLS/SSL Server Private Key File (PEM Format)

    Set to the path containing the Kudu tablet server host's private key (PEM-format). This is used to enable TLS/SSL encryption (over HTTPS) for browser-based connections to Kudu tablet server web UIs.

    Master TLS/SSL Server Certificate File (PEM Format)

    Set to the path containing the signed certificate (PEM-format) for the Kudu master host's private key (set in Master TLS/SSL Server Private Key File). The certificate file can be created by concatenating all the appropriate root and intermediate certificates required to verify trust.

    Tablet Server TLS/SSL Server Certificate File (PEM Format)

    Set to the path containing the signed certificate (PEM-format) for the Kudu tablet server host's private key (set in Tablet Server TLS/SSL Server Private Key File). The certificate file can be created by concatenating all the appropriate root and intermediate certificates required to verify trust.

    Enable TLS/SSL for Master Server Enables HTTPS encryption on the Kudu master web UI.
    Enable TLS/SSL for Tablet Server Enables HTTPS encryption on the Kudu tablet server Web UIs.
  6. Click Save Changes.