ApiGenerateCmcaArguments Data Model

Arguments to generate a Cloudera Manager Certificate Authority (CMCA).

Properties
name data type description
location string The location on disk to store the CMCA directory. If there is already a CMCA created there, it will be backed up, and a new one will be created in its place.
customCA boolean Whether to generate an internal CMCA (false) or use user-provided certificates (true). When set to true (user-provided certificates), the following other arguments must be given: * cmHostCert * cmHostKey * caCert * keystorePasswd * truststorePasswd
interpretAsFilenames boolean Whether the following arguments are interpreted as filenames local to the Cloudera Manager host (true, default) or as the actual data for that argument: * cmHostCert * cmHostKey * caCert * keystorePasswd * truststorePasswd * trustedCaCerts * hostCerts.hostCert * hostCerts.hostKey If HTTPS has not been enabled on the Cloudera Manager Admin Console and API, we *strongly* recommend that you pass the arguments as filenames local to the Cloudera Manager host (i.e. set to true) to avoid leaking sensitive information over the wire in plaintext.
cmHostCert string The certificate for the CM host in PEM format. Only used if customCA == true.
cmHostKey string The private key for the CM host in PEM format. Only used if customCA == true.
caCert string The certificate for the user-provided certificate authority in PEM format. Only used if customCA == true.
keystorePasswd string The password used for all Auto-TLS keystores. Only used if customCA == true.
truststorePasswd string The password used for all Auto-TLS truststores. Only used if customCA == true.
trustedCaCerts string A list of CA certificates that will be imported into the Auto-TLS truststore and distributed to all hosts.
hostCerts array of ApiHostCertInfo A list of HostCertInfo objects, which associate a hostname with the corresponding certificate and private key. Only used if customCA == true.
configureAllServices boolean Whether to configure all existing services to use Auto-TLS. Defaults to false. If false, only MGMT services will be configured to use Auto-TLS. Use the cluster-level ConfigureAutoTlsServices command to configure Auto-TLS services for a single cluster only. All future services will be configured to use Auto-TLS regardless of this setting.
Properties inherited from BaseApiSshCmdArguments
sshPort number SSH port. If unset, defaults to 22.
userName string The username used to authenticate with the hosts. Root access to your hosts is required to install Cloudera packages. The installer will connect to your hosts via SSH and log in either directly as root or as another user with password-less sudo privileges to become root.
password string The password used to authenticate with the hosts. Specify either this or a private key. For password-less login, use an empty string as password.
privateKey string The private key to authenticate with the hosts. Specify either this or a password.
The private key, if specified, needs to be a standard PEM-encoded key as a single string, with all line breaks replaced with the line-feed control character '\n'.
A value will typically look like the following string:
-----BEGIN RSA PRIVATE KEY-----\n[base-64 encoded key]\n-----END RSA PRIVATE KEY-----
passphrase string The passphrase associated with the private key used to authenticate with the hosts (optional).

Example

{
  "location" : "/opt/cloudera/CMCA",
  "customCA" : false,
  "interpretAsFilenames" : true,
  "cmHostCert" : "host-cert.pem",
  "cmHostKey" : "host-key.pem",
  "caCert" : "ca-cert.pem",
  "keystorePasswd" : "keystore.pw.txt",
  "truststorePasswd" : "truststore.pw.txt",
  "trustedCaCerts" : "cacerts.pem",
  "hostCerts" : [ {
    "hostname" : "...",
    "certificate" : "host-cert.pem",
    "key" : "host-key.pem"
  }, {
    "hostname" : "...",
    "certificate" : "...",
    "key" : "..."
  } ],
  "configureAllServices" : true,
  "sshPort" : 22,
  "userName" : "...",
  "password" : "...",
  "privateKey" : "...",
  "passphrase" : "..."
}