Configure SSL for Hue Using a PKCS12 Certificate on ODP

This article explains how to enable SSL for Hue using a PKCS12 (.p12) certificate file.

Use this procedure when Hue is accessible over HTTP and you want to enable HTTPS access.

Symptoms

After enabling SSL, Hue may fail to start or HTTPS access may not work.

Common causes include:

  • Incorrect certificate configuration
  • Missing certificate chain
  • Invalid private key permissions
  • Missing SSL password configuration

Prerequisites

Ensure you have:

  • A valid PKCS12 certificate file (.p12)
  • The certificate password
  • Access to the Hue host

Extract the Certificate Files

Extract the private key

Bash
Copy

Set permissions:

Bash
Copy

Extract the server certificate

Bash
Copy

Set permissions:

Bash
Copy

Extract the certificate chain

Bash
Copy

Set permissions:

Bash
Copy

Create the Full Certificate Chain

Combine the server certificate and certificate chain:

Bash
Copy

Set permissions:

Bash
Copy

Configure Hue SSL

Update the Hue SSL settings:

Bash
Copy

Configure the corresponding values in Ambari.

Set File Ownership

Bash
Copy

Ensure:

Bash
Copy

Verify the Certificate

Verify the private key

Bash
Copy

Verify the key matches the certificate

Bash
Copy

Both values should match.

Verify the certificate chain

Bash
Copy

Expected output:

Bash
Copy

Configure the SSL Password

If the private key is password protected:

  1. Configure the Hue SSL password in Ambari.
  2. Use the same password that was used to protect the private key.

Restart Hue

Restart the Hue service from Ambari.

After the restart completes, access Hue using:

Bash
Copy

Validation

Verify:

  • Hue starts successfully.
  • HTTPS access works.
  • Browser certificate warnings are not present.
  • HDFS File Browser loads successfully.

Summary

To enable SSL for Hue:

  1. Extract the private key, server certificate, and certificate chain from the PKCS12 file.
  2. Create a full certificate chain file.
  3. Configure the SSL properties in Hue.
  4. Set correct file ownership and permissions.
  5. Configure the SSL password if the key is encrypted.
  6. Restart Hue and validate HTTPS access.

This procedure resolves most SSL enablement issues for Hue deployments using PKCS12 certificates.

VariableType to search · ESC to discard
GlossaryType to search · ESC to discard
InsertType to search · ESC to discard
No matches