Enabling secure HTTP for HBase UI is simple and straightforward. Details:

https://docs.cloudera.com/HDPDocuments/HDP3/HDP-3.1.5/configuring-wire-encryption/content/enable_ssl_on_the_hbase_web_ui.html

The secure keystore can be created as a self-signed or CA Certificate. The keystore should be created on HBase Master node. In case of HA enabled, the same copy of keystore and trustore should be located on both nodes at the same directory.

Create self-signed:

cd /etc/hbase/conf
keytool -genkey -alias hbase -keyalg RSA -keysize 1024 -keystore keystore-ui.jks
chown hbase:hadoop keystore-ui.jks
chmod 400 keystore-ui.jks

Make sure that password is correct.

keytool -list -keystore keystore-ui.jks

Enter keystore password:  
Keystore type: jks
Keystore provider: SUN

Your keystore contains 1 entry

cert, 2020-10-05, trustedCertEntry, 
Certificate fingerprint (SHA1): 9E:01:C8:73:41:17:6E:7E:50:E9:CE:CB:F8:CA:23:03:FC:4C:25:FC

HBase->Configs->Advanced
Custom hbase-site

Restart HBase

Launch UI related to HBase and make sure that it opens as secure HTTP.

Very similar steps like HDFS plugin by tailored for HBase

https://github.com/stanislawbartkowski/hdpwiredencryption/wiki/SSL-Ranger-UI-HDFS-Ranger-Plugin#hdfs-ranger-plugin

On HBase Master node, prepare Ranger plugin keystore

cd /etc/hbase/conf

Important: keep in mind CN name, do not use FQDN hostname, the CN name should be different than all other plugins CN names.

keytool -genkey -keyalg RSA -alias rangerHBaseAgent -keystore ranger-plugin-keystore.jks -validity 360 -keysize 2048

Enter keystore password:  
What is your first and last name?
  [Unknown]:  rangerhbaseplugin
What is the name of your organizational unit?
  [Unknown]:  AA
What is the name of your organization?
  [Unknown]:  BB

Create HBase Ranger plugin truststore, import Ranger Admin certificate

keytool -import -file /root/ranger-admin-trust.cer -alias rangeradmintrust -keystore ranger-plugin-truststore.jks

Secure stores

chown hbase: *.jks
chmod 400 *jks

Distribute both keystores to all nodes where HBase Region servers are installed. Pay attention to assign proper owner and modes after copying is completed, can be lost by scp command.

Export HBase plugin certificate

keytool -export -keystore ranger-plugin-keystore.jks -alias rangerHBaseAgent -file ranger-hbaseAgent-trust.cer

On Ranger Admin node, import certificate into Ranger Admin trustore, use a different alias name.

cd /etc/ranger/admin/conf
keytool -import -file /root/ranger-hbaseAgent-trust.cer -alias rangerHBaseAgentTrust -keystore ranger-admin-truststore.jks

HBase->Configs->Advanced->Advanced ranger-hbase-policymgr-ssl

Restart HBase and Ranger

Ranger Admin UI-> Access Manager -> <cluster_name>_hbase
Provide DN of Ranger HBase plugin certificate to Common Name for Certificate field.

Audit-> Plugins

_hbase should declare HTTP Response Code 200 with fresh date.

As sb user, try to create HBase table

hbase shell
create 'emp', 'personal data', 'professional data'

ERROR: org.apache.hadoop.hbase.security.AccessDeniedException: Insufficient permissions for user 'sb' (action=create)

Open Ranger UI Console and grant temporarily sb permission to create emp table

Try again after a minute.

create 'emp', 'personal data', 'professional data'

Created table emp
Took 4.0250 seconds