Security
Also available as:
PDF
loading table of contents...
Configuring the Ranger KMS Server for SSL

Use the following steps to configure Ranger KMS (Key Management Service) Server for SSL.

  1. Stop Ranger KMS by selecting Service Actions > Stop.

  2. Select Custom ranger-kms-site, then add the following properties as shown below:

    ranger.https.attrib.keystore.file

    ranger.service.https.attrib.keystore.file (duplicate of above – workaround for now)

    ranger.service.https.attrib.clientAuth

    ranger.service.https.attrib.client.auth (duplicate of above – workaround for now)

    ranger.service.https.attrib.keystore.keyalias

    ranger.service.https.attrib.keystore.pass

    ranger.service.https.attrib.ssl.enabled

    ranger.service.https.port

  3. Under Advanced kms_env, update the value of kms_port to match the value of ranger.service.https.port.

  4. Save your changes and restart Ranger KMS.

    When you attempt to access the Ranger KMS UI with the HTTPS protocol on the port specified by the ranger.service.https.port property, the browser should report that it does not trust the site. Click Proceed anyway and you should be able to access the Ranger Admin UI over HTTPS.