Configuring SSL Security for Polaris

Describes how to configure SSL security for Polaris.

1. To use an SSL endpoint for Polaris, add the following configuration to <polaris_home>/server/config/applicatiopn.properties:

   quarkus.http.ssl.certificate.key-store-file=/opt/mapr/conf/ssl_keystore
   quarkus.http.ssl.certificate.key-store-file-type=JKS
   quarkus.http.ssl.certificate.key-store-password=
   quarkus.http.ssl-port=8181
   quarkus.http.insecure-requests=disabled
   
   quarkus.management.ssl.certificate.key-store-file=/opt/mapr/conf/ssl_keystore
   quarkus.management.ssl.certificate.key-store-file-type=JKS
   quarkus.management.ssl.certificate.key-store-password=
   quarkus.management.ssl-port=8182
   quarkus.management.insecure-requests=disabled

   Comment out the following line:

   quarkus.http.port=8181
   quarkus.management.port=8182

2. Add Hadoop Keystore with SSL password to polaris-env.sh:

   export POLARIS_SSL_CREDS_STORE=localjceks://file/opt/mapr/conf/maprkeycreds.jceks,localjceks://file/opt/mapr/conf/maprtrustcreds.jceks

3. Restart Polaris.

   NOTE

   configure.sh automatically sets the default configuration for SSL.