Provides a comprehensive listing of the key store and trust store files.
Key Stores and Trust Stores in Release 6.1.0
The following files are generated by running configure.sh -dare -genkeys
on a CLDB node. Alternatively, you can generate them by running the manageSSLKeys.sh script. The ssl_keystore
,
ssl_keystore.p12
, ssl_keystore.pem
,
ssl_truststore
, ssl_truststore.p12
, and
ssl_truststore.pem
files are also generated during installation of the
Web server, even if you did not enable security. For more information, see Enabling Security.
- cldb.key
- Location:
/opt/mapr/conf
- Description: The CLDB key file. This file must exist on all CLDB nodes and be
identical.
- dare.master.key
- Location:
/opt/mapr/conf
- Description: The key file that enables data-at-rest encryption. The
dare.master.key
file is generated only if data-at-rest encryption is
enabled on the cluster. This file must be copied to all the nodes with the CLDB service
installed.
- maprserverticket
- Location:
/opt/mapr/conf
- Description: The server ticket. This file must exist on all cluster nodes and
be identical.
- ssl-client.xml
- Location (symlink):
/opt/mapr/conf
- Location (file):
${MAPR_HOME}/hadoop/hadoop-<version>/etc/hadoop/ssl-client.xml
- Description: Contains the SSL configuration for the client in XML format.
- ssl_keystore
- Location:
/opt/mapr/conf
- Description: This file is needed on all nodes where the webserver is
running.
- ssl_keystore.p12
- Location:
/opt/mapr/conf
- Description: When upgrading from MapR Core 5.2.2 or
Core 6.0.x to MapR 6.1
or later, create the
ssl_keystore.p12
and
ssl_truststore.p12
files. Copy them to the
/opt/mapr/conf
directory on all nodes in the cluster. The
.p12
files are required to generate the .pem
files
needed by Grafana and the Data Access Gateway. This step is necessary only for manual
upgrades.
- ssl_keystore.pem
- Location:
/opt/mapr/conf
- Description: When upgrading from MapR Core 5.2.2 or
Core 6.0.x to MapR 6.1
or later, create the
ssl_truststore.pem
and
ssl_keystore.pem
files. Copy them to the
/opt/mapr/conf
directory on all nodes in the cluster. The Data Access
Gateway, Grafana, and Hue components use these files. This step is necessary only for
manual upgrades.
- ssl-server.xml
- Location (symlink):
/opt/mapr/conf
- Location (file):
${MAPR_HOME}/hadoop/hadoop-<version>/etc/hadoop/ssl-server.xml
- Description: Contains the SSL configuration for the server in XML format.
- ssl_truststore
- Location:
/opt/mapr/conf
- Description: contains the certificates required by nodes initiating
communication over TLS.
- ssl_truststore.p12
- Location:
/opt/mapr/conf
- Description: When upgrading from MapR Core 5.2.2 or
Core 6.0.x to MapR 6.1
or later, create the
ssl_keystore.p12
and
ssl_truststore.p12
files, and copy them to the
/opt/mapr/conf
directory on all nodes in the cluster. The
.p12
files are required to generate the .pem
files
needed by Grafana and the Data Access Gateway. This step is necessary only for manual
upgrades.
- ssl_truststore.pem
- Location:
/opt/mapr/conf
- Description: When upgrading from MapR Core 5.2.2 or
Core 6.0.x to MapR 6.1
or later, create the
ssl_truststore.pem
and
ssl_keystore.pem
files. Copy them to the
/opt/mapr/conf
directory on all nodes in the cluster. The Data Access
Gateway, Grafana, and Hue components use these files. This step is necessary only for
manual upgrades.