Storm UI for SSL - stanislawbartkowski/hdpwiredencryption GitHub Wiki

Enable Storm UI for SSL

Important: If Storm is going to work as Streaming Engine in Streaming Analytics Manager, do not enable SSL. The SAM is not cooperating with secured Storm..

https://community.cloudera.com/t5/Community-Articles/How-to-enable-SSL-for-Storm-UI/ta-p/249009

Prepare keystore

You can create CA-signed certificate or self-signed certificate.

cd /etc/storm/conf keytool -genkey -alias hbase -keyalg RSA -keysize 1024 -keystore keystore-ui.jks

Make keystore secure:

chown storm: keystore-ui.jks chmod 400 keystore-ui.jks

Configure Storm

Ambari->Storm->Configs->Advanced

Custom storm-site

Parameter Sample value
ui.https.key.password secret
ui.https.keystore.password secret
ui.https.keystore.path /etc/storm/conf/keystore-ui.jks
ui.https.keystore.type jks
ui.https.port 8740

Restart Storm Service

Verify

Open Storm UI, pay attention that it is using secure HTTP.

https://\<Storm UI host>:8740/index.html