fdeantoni opened a new pull request #3441: [ZEPPELIN-4324]: Support two-way SSL authentication. URL: https://github.com/apache/zeppelin/pull/3441 ### What is this PR for? Livy can run behind a reverse proxy that requires SSL authentication. To support this, three additional properties have been added: - zeppelin.livy.ssl.keyStore - zeppelin.livy.ssl.keyStorePassword - zeppelin.livy.ssl.keyStoreType The keystore type can either be JKS or PKCS12. The default is JKS. To keep things streamlined, a property `zeppelin.livy.ssl.trustStoreType` has been been added as well. Default value is also JKS. ### What type of PR is it? Improvement ### What is the Jira issue? https://issues.apache.org/jira/browse/ZEPPELIN-4324 ### How should this be tested? Set up a livy instance behind a reverse proxy (e.g. HAProxy) that requires two way SSL authentication to access it. Configure the Livy interpreter to access this instance by setting the following properties: - zeppelin.livy.ssl.keyStore: Path to keystore containing client certificate and key - zeppelin.livy.ssl.keyStorePassword: Password of keystore - zeppelin.livy.ssl.keyStoreType: Either JKS or PKCS12 - zeppelin.livy.ssl.trustStore: Path to trust store containing proxy host certificate - zeppelin.livy.ssl.trustStorePassword: Password of trust store - zeppelin.livy.ssl.keyStoreType: Either JKS or PKCS12
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
