You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hawq.apache.org by "Alexander Denissov (JIRA)" <ji...@apache.org> on 2017/04/28 23:22:04 UTC
[jira] [Commented] (HAWQ-1441) Implement SSL Access from RPS to
Ranger
[ https://issues.apache.org/jira/browse/HAWQ-1441?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15989573#comment-15989573 ]
Alexander Denissov commented on HAWQ-1441:
------------------------------------------
uploaded results of recent investigation as a PDF attachments. There will be a few changes required:
- enable_ranger_plugin.sh script needs to work with https:// URLs and use .pem key from the server in case RangerAdmin server uses self-signed certificate
- ranger-admin-services.sh script in RangerAdmin needs to be modified (by customers) to work around potential RangerAdmin bug with not using provided truststore
- ranger-policymgr-ssl.xml file needs to be created and shipped with RPM (pom file update for RPM spec)
- documentation on how to create certificates / keystores and truststores
- commonNameForCertificate property needs to be added to the service definition with reasonable default
> Implement SSL Access from RPS to Ranger
> ---------------------------------------
>
> Key: HAWQ-1441
> URL: https://issues.apache.org/jira/browse/HAWQ-1441
> Project: Apache HAWQ
> Issue Type: Sub-task
> Components: Security
> Reporter: Lili Ma
> Assignee: Ed Espino
> Fix For: backlog
>
> Attachments: RangerPluginServiceandSSLTLS.pdf
>
>
> SSL connection from Ranger plugin to Ranger is a way to ensure the security of data transferred between Ranger to Plugin Service. So we need to implement SSL support in RPS connection to Ranger.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)