This section explains how to set up the Knox Gateway to connect clients to an Oozie Server with SSL enabled.
In the Cluster Topology Descriptor, change Oozie service url from HTTP to HTTPS, and the Oozie port to Oozie SSL port:
<service> <role>OOZIE</role> <url>https://$oozie-host:11443/oozie</url> </service>When using a self-signed certificate, add the certificate to Knox Gateway JMV truststore as follows:
keytool -import -alias $alias -keystore $cacerts_file -trustcacerts -file $certificate_filename
Where
$cacerts_fileis the path to JVM truststore and$certificate_filenameis the path to the certificate that you exported from the Oozie server.Check using
ExampleOozieWorkflow.groovyin samples.
