Cloudera Navigator supports TLS/SSL encryption for network communications between the Navigator Audit Server and clients, such as the web browser used for Cloudera Navigator console. Typically, TLS/SSL is configured for the entire cluster, so it is possible that the server key and certificate already exist on the specific host running the Navigator Audit Server role because that role runs on the same host as Cloudera Management Server. See Configuring TLS Encryption for Cloudera Manager for more information about configuring TLS/SSL for Cloudera Manager clusters.

1. Log in to the Cloudera Manager Admin Console.
2. Select Clusters > Cloudera Management Service.
3. Click the Configuration tab.
4. Select Scope > Navigator Audit Server.
5. Select Category > Security.
6. Edit the following properties according to your cluster configuration.

   Property	Description
   Enable TLS/SSL for Navigator Audit Server	Encrypt network communications between clients and Navigator Audit Server using TLS/SSL.
   TLS/SSL Keystore File Location	The path to the keystore file containing the server private key and certificate. The keystore must be in JKS format.
   TLS/SSL Keystore File Password	The password for the Navigator Audit Server JKS keystore file.
   TLS/SSL Keystore Key Password	The password for the private key contained in the JKS keystore.

7. Click Save Changes.
8. Restart the Navigator Audit Server role.