Replacing SSL Certificates in Ambari

Overview

Ambari/Deployer SSL Certificates have expired, as detected in a vulnerability scan. New certificates need to be requested and replaced.

 

Solution

ambari-server stop
  • Copy the following files to /var/lib/ambari-server/resources/ssl.crt and the private key to /var/lib/ambari-server/resources/ssl.key to overwrite existing files.
cp ssl.key /var/lib/ambari-server/resources/ssl.key
cp ssl.crt /var/lib/ambari-server/resources/ssl.crt
  • Delete the following files:
rm /var/lib/ambari-server/keys/https.crt
rm /var/lib/ambari-server/keys/https.key
  • Enter the following command to set up the certificate:
ambari-server setup-security

Note: If the SSL key was password-protected, you are prompted to enter it.

  • Enter the following command to start the Ambari server:
ambari-server start 

Comments

0 comments

Please sign in to leave a comment.