Manage SSL

The Manage SSL action allows you to control the SSL encryption of all services in the ADH cluster. For additional information on SSL settings, see Requirements for SSL certificates.

To run an action, go to Clusters page, click actions default dark actions default light in the Actions column, and select the action from the drop-down list that appears.

Execute the Manage SSL action
Execute the "Manage SSL" action

When you choose an action, ADCM displays a dialog window where you can specify SSL settings listed in the table below.

SSL settings
Parameter Description Default value

Keystore path

A path to the keystore file

/etc/ssl/keystore.jks

Keystore password

A password for the keystore file

 — 

Truststore path

A path to the truststore file

/etc/ssl/truststore.jks

Truststore password

A password for the truststore file

 — 

TLS Version

Version of the TLS protocol. See Set TLS version for an ADH cluster

TLSv1.2

Run service checks

Runs the service checks after the setting change

True

force

Defines whether current SSL parameters should be overwritten with the specified values

False

To enable SSL, run the action with the Enable SSL parameter group active and the parameters filled in.

Enable SSL with the Manage SSL action
Enable SSL with the "Manage SSL" action

After you specify the parameters, click Run. In the action confirmation window that appears, you can select the Verbose checkbox to see additional execution details.

To disable SSL, run the Manage SSL action with the Enable SSL parameter group inactive.

Disable SSL with the Manage SSL action
Disable SSL with the "Manage SSL" action

During the execution of the Manage SSL action, ADCM stops all services one by one, reconfigures them to enable or disable SSL encryption, then starts the services and checks them.

You can find execution process and result of the action on the Jobs page. On this page you can view action execution details, including verbose Ansible STDOUT/STDERR outputs.

IMPORTANT
If the Ranger Solr plugin is enabled, make sure to manually restart Solr after enabling/disabling of SSL.
Found a mistake? Seleсt text and press Ctrl+Enter to report it