Configure Knox for SMM integration
- From the Ambari UI Advanced streams-messaging-manager-sso-config, verify that Authentication.provider.url is accurate.
-
Generate your public.key.pem.
- From
Knox | Configs | Advanced knoxsso-toplogy,
add the
following:
<name>main.ldapRealm.userDnTemplate</name> <value>CN=admin1,CN=Users,DC=HWQE,DC=HORTONWORKS,DC=COM</value> <name>main.ldapRealm.contextFactory.url</name> <value>ldap://ad-nano.qe.hortonworks.com:389</value> <name>knoxsso.redirect.whitelist.regex</name> <value>.*;^/.*$;https?://localhost*$;^http.*$</value>
- Save this change and restart Knox.
- From the command line, generate your
pem key, using the default keystore password
adminwhen prompted:/usr/jdk64/jdk1.8.0_112/bin/keytool -export -alias gateway-identity -rfc -file /root/knox-sso-cert.pem -keystore /usr/hdf/current/knox-server/data/security/keystores/gateway.jks
- From
Knox | Configs | Advanced knoxsso-toplogy,
add the
following:
- Open knox-sso-cert.pem from /root and remove any new line characters or special characters.
- From the Ambari UI Advanced streams-messaging-manager-sso-config, upload the Public.key.pem.
