Manage SSL
The Manage SSL action allows you to control the SSL encryption of all services in the ADH cluster. For additional information on SSL settings, see Requirements for SSL certificates.
To run an action, go to Clusters page, click in the Actions column, and select the action from the drop-down list that appears.
When you choose an action, ADCM displays a dialog window where you can specify SSL settings listed in the table below.
Parameter | Description | Default value |
---|---|---|
Keystore path |
A path to the keystore file |
/etc/ssl/keystore.jks |
Keystore password |
A password for the keystore file |
— |
Truststore path |
A path to the truststore file |
/etc/ssl/truststore.jks |
Truststore password |
A password for the truststore file |
— |
TLS Version |
Version of the TLS protocol. See Set TLS version for an ADH cluster |
TLSv1.2 |
Run service checks |
Runs the service checks after the setting change |
True |
force |
Defines whether current SSL parameters should be overwritten with the specified values |
False |
To enable SSL, run the action with the Enable SSL parameter group active and the parameters filled in.
After you specify the parameters, click Run. In the action confirmation window that appears, you can select the Verbose checkbox to see additional execution details.
To disable SSL, run the Manage SSL action with the Enable SSL parameter group inactive.
During the execution of the Manage SSL action, ADCM stops all services one by one, reconfigures them to enable or disable SSL encryption, then starts the services and checks them.
You can find execution process and result of the action on the Jobs page. On this page you can view action execution details, including verbose Ansible STDOUT/STDERR outputs.
IMPORTANT
If the Ranger Solr plugin is enabled, make sure to manually restart Solr after enabling/disabling of SSL.
|