To configure SSL security for HttpFS, complete the following steps on a secure cluster:
Rename the existing
server.xml.orig, to preserve the original version.
Verify that the following file exists: /
This file may have been renamed to context.xml to configure PAM authentication for HttpFS. However, to configure SSL for HttpFS, rename the file back to
To enable certificate-based authentication, perform the following steps:
/opt/mapr/httpfs/httpfs-1.0/share/hadoop/httpfs/tomcat/webapps/webhdfs/WEB-INF/web.xml), un-comment the following section:
/opt/mapr/httpfs/httpfs-1.0/share/hadoop/httpfs/tomcat/conf/tomcat-users.xml) contains the roles and users in the certificates.
namevalue should include information from your certificate.
<tomcat-users> <role rolename="sample"/> <user name="CN=www.mapr.com, OU=mapr, O=mapr, L=San Jose, ST=San Jose, C=CA" password="null" roles="sample" /> </tomcat-users>
You can run the following command to view the contents of the certificate file:
openssl x509 -text -in /opt/mapr/hue/hue-<version>/cert.pem
Restart the HttpFS server.
Run one of the following
curlcommands to check that https is enabled. These commands fetch the file
some_file.txtfrom MapR-FS under
/user/maprand attempts to open it securely over https.
If you also configure Hue to use SSL encryption with certificate-based authentication for communication with HttpFS , run the following command: