Storm UI for SSL - stanislawbartkowski/hdpwiredencryption GitHub Wiki
Enable Storm UI for SSL
Important: If Storm is going to work as Streaming Engine in Streaming Analytics Manager, do not enable SSL. The SAM is not cooperating with secured Storm..
https://community.cloudera.com/t5/Community-Articles/How-to-enable-SSL-for-Storm-UI/ta-p/249009
Prepare keystore
You can create CA-signed certificate or self-signed certificate.
cd /etc/storm/conf keytool -genkey -alias hbase -keyalg RSA -keysize 1024 -keystore keystore-ui.jks
Make keystore secure:
chown storm: keystore-ui.jks chmod 400 keystore-ui.jks
Configure Storm
Ambari->Storm->Configs->Advanced
Custom storm-site
Parameter | Sample value |
---|---|
ui.https.key.password | secret |
ui.https.keystore.password | secret |
ui.https.keystore.path | /etc/storm/conf/keystore-ui.jks |
ui.https.keystore.type | jks |
ui.https.port | 8740 |
Restart Storm Service
Verify
Open Storm UI, pay attention that it is using secure HTTP.
https://\<Storm UI host>:8740/index.html