In this article I have tried to explain the process to setup ssl or https for oozie where I will use a self-signed certificate for initial trials setup Oozie web console access over HTTPS. Remember that the self signed certificates are not suitable for production environments.
Step 1: Create keystore file first with self signed certificate.
[oozie@m2 ~]$ keytool -genkey -keyalg RSA -alias ooziehost -keystore keystore.jks -validity 360 -keysize 2048 Enter keystore password: Re-enter new password: What is your first and last name? [Unknown]: What is the name of your organizational unit? [Unknown]: What is the name of your organization? [Unknown]: What is the name of your City or Locality? [Unknown]: What is the name of your State or Province? [Unknown]: What is the two-letter country code for this unit? [Unknown]: Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct? [no]: yes Enter key password for <ooziehost> (RETURN if same as keystore password):
Step 2: Login to ambari and add the following properties to “Advance oozie-env”
export OOZIE_HTTPS_PORT=11443
export OOZIE_HTTPS_KEYSTORE_FILE=/home/oozie/keystore.jks
export OOZIE_HTTPS_KEYSTORE_PASS=bigdata
Step 3: Save and restart oozie service.
Step 4: Now launch the Oozie UI from quick links – you should be able to access the URL
https://m2.hdp22:11443/oozie/
or if you will use old url also then it will redirect you to the port 11443.
I hope it helped you to configure oozie ssl,feel free to give your valuable feedback or suggestions.