How to Determine if the Certificates Used for Web Consoles and Hadoop Network Encryption on the BDA are Expired or About to Expire
(Doc ID 2370478.1)
Last updated on MAY 18, 2018
Applies to:Big Data Appliance Integrated Software - Version 4.3.0 and later
Certificates installed throughout TLS/SSL-configured clusters have a defined lifetime. That lifetime begins on a certain date and ends on another date.
For example, the following output shows that this certificate is valid between Thu Aug 03 10:33:04 PDT 2017 and Wed Jul 24 10:33:04 PDT 2019 only:
If the certificates used for TLS/SSL expire on BDA V4.3 and higher, jobs should continue to run, but Cloudera Manager(CM) will be in "bad" health. For example if the CM certificate expires agents can not heartbeat into the cluster. The result of this is that services depending on those certificates can not be started/stopped via CM.
To prevent this from happening replace certificates before they expire or replace them as soon as possible after expiration.
This note provides the details on how to determine if the certificates used for web consoles and Hadoop Network Encryption are about to expire or are expired on BDA V4.3 and higher.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!