Activating/Enabling SSL on Tez Web UI

Enable SSL on the Tez UI for Big Data Service clusters.

  1. Install the tomcat-native package on the node where the Tez UI is configured.
    yum install tomcat-native --enablerepo=ol7_developer_EPEL
  2. Update Tomcat's /opt/tomcat/conf/server.xml file: comment out the Connector port="8080" section, and add the following content with the relevant server certificate and key paths.
    <Connector
           protocol="org.apache.coyote.http11.Http11AprProtocol"
           port="8443" maxThreads="200"
           maxParameterCount="1000"
           scheme="https" secure="true" SSLEnabled="true"
           SSLCertificateFile="/etc/security/serverKeys/testcluster-mn1.testsubnet.testvcn.oraclevcn.com.crt"
           SSLCertificateKeyFile="/etc/security/serverKeys/testcluster-mn1.testsubnet.testvcn.oraclevcn.com.key"
           SSLVerifyClient="optional" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"/>
  3. Save the file and restart Tomcat.
    /opt/tomcat/bin/shutdown.sh
    /opt/tomcat/bin/startup.sh
  4. In tez-site.xml, set tez.tez-ui.history-url.base to https://testcluster-mn1.testsubnet.testvcn.oraclevcn.com:8443/tez-ui/.
  5. Ensure that port 8443 is open in the network security list.
  6. Access the Tez UI at https://testcluster-mn1.testsubnet.testvcn.oraclevcn.com:8443/tez-ui/.
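
The following check is an added example, not part of the original procedure: it audits the active connectors in server.xml after step 2, confirming that no plaintext connector remains, that the certificate and key attributes are set, and that SSLProtocol does not enable protocol versions deprecated by RFC 8996 (TLS 1.0 and 1.1). The function name `audit_connectors`, the sample XML, and its certificate paths are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample of server.xml after step 2; certificate paths are placeholders.
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <!-- <Connector port="8080" protocol="HTTP/1.1"/> -->
    <Connector protocol="org.apache.coyote.http11.Http11AprProtocol"
               port="8443" scheme="https" secure="true" SSLEnabled="true"
               SSLCertificateFile="/etc/security/serverKeys/example.crt"
               SSLCertificateKeyFile="/etc/security/serverKeys/example.key"
               SSLVerifyClient="optional" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"/>
  </Service>
</Server>"""

# SSLv2/SSLv3 are broken; TLS 1.0 and 1.1 are deprecated by RFC 8996.
WEAK_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}


def audit_connectors(xml_text):
    """Return (port, issue) findings for every active <Connector>.

    XML comments are dropped by the parser, so a commented-out
    port 8080 connector is correctly treated as disabled.
    """
    findings, tls_seen = [], False
    for conn in ET.fromstring(xml_text).iter("Connector"):
        port = conn.get("port", "?")
        if conn.get("SSLEnabled", "false").lower() != "true":
            findings.append((port, "plaintext connector is still active"))
            continue
        tls_seen = True
        for attr in ("SSLCertificateFile", "SSLCertificateKeyFile"):
            if not conn.get(attr):
                findings.append((port, f"{attr} is not set"))
        proto = conn.get("SSLProtocol")
        if proto is None or proto.lower() == "all":
            findings.append((port, "SSLProtocol is not pinned"))
        else:
            weak = sorted(WEAK_PROTOCOLS.intersection(proto.split("+")))
            if weak:
                findings.append((port, "weak protocols enabled: " + ", ".join(weak)))
    if not tls_seen:
        findings.append(("-", "no TLS connector found"))
    return findings


if __name__ == "__main__":
    for port, issue in audit_connectors(SAMPLE_SERVER_XML):
        print(f"port {port}: {issue}")
```

Run against the connector shown in step 2, the check reports TLSv1 and TLSv1.1 as enabled; restricting SSLProtocol to TLSv1.2 clears the finding. To audit a real node, pass the text of /opt/tomcat/conf/server.xml to `audit_connectors`.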