Enable SSL or HTTPS for Oozie Web UI

In this article I have tried to explain the process to setup ssl or https for oozie where I will use a self-signed certificate for initial trials setup Oozie web console access over HTTPS. Remember that the self signed certificates are not suitable for production environments.

Step 1: Create keystore file first with self signed certificate.

[oozie@m2 ~]$ keytool -genkey -keyalg RSA -alias ooziehost -keystore keystore.jks -validity 360 -keysize 2048
Enter keystore password:  
Re-enter new password: 
What is your first and last name?
What is the name of your organizational unit?
What is the name of your organization?
What is the name of your City or Locality?
What is the name of your State or Province?
What is the two-letter country code for this unit?
Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct?
  [no]:  yes

Enter key password for <ooziehost>
	(RETURN if same as keystore password):  

Step 2: Login to ambari and add the following properties to “Advance oozie-env”

export OOZIE_HTTPS_PORT=11443
export OOZIE_HTTPS_KEYSTORE_FILE=/home/oozie/keystore.jks

Step 3: Save and restart oozie service.

Step 4: Now launch the Oozie UI from quick links – you should be able to access the URL

or if you will use old url also then it will redirect you to the port 11443.

I hope it helped you to configure oozie ssl,feel free to give your valuable feedback or suggestions.

Leave a Reply