My Oracle Support Banner

How to Set up Certificates Signed by a User's Certificate Authority on Non-BDA Edge Nodes Which are Part of the Cluster on BDA 4.5 and Higher (Doc ID 2506130.1)

Last updated on APRIL 17, 2023

Applies to:

Big Data Appliance Integrated Software - Version 4.5.0 and later
Linux x86-64


This document provides step by step details to use certificates signed by a user's Certificate Authority (CA) with web consoles (Hue, Cloudera Manager), and hadoop network encryption on Edge nodes in a Big Data Appliance (BDA) cluster. It includes steps for handling one public CA certificate or a certificate chain. These steps apply to BDA 4.5 and higher clusters.


System administrators may use this document to set up a cluster with a public CA certificate or a certificate chain. 


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 Known Issues
 Frequently Asked Questions
 Steps to Update CA Signed Certificates on Non-BDA Edge Nodes Which are Part of the Cluster
 Stop the Agent on the Edge Node if it is Running
 Backup the Existing /opt/cloudera/security Directory if it Exists. Then create /opt/cloudera/security.
 Create the CSR
 Get the CA Public Root Certificate and Any Intermediate Certificates.
 Steps to Setup User Provided Certificates for Web Consoles and Hadoop Network Encryption
 Final Step

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.