[
https://issues.apache.org/jira/browse/DRILL-3725?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14937474#comment-14937474
]
Jacques Nadeau commented on DRILL-3725:
---------------------------------------
Lgtm +1
> Add HTTPS support for Drill web interface
> -----------------------------------------
>
> Key: DRILL-3725
> URL: https://issues.apache.org/jira/browse/DRILL-3725
> Project: Apache Drill
> Issue Type: New Feature
> Components: Client - HTTP
> Reporter: Venki Korukanti
> Assignee: Venki Korukanti
> Fix For: 1.2.0
>
>
> Currently web UI or REST API calls don't support transport layer security
> (TLS). This jira is to add support for TLS. We need this feature before
> adding the user authentication to Drill's web interface.
> Proposal is:
> * Always default to HTTPS
> * Cluster admin can set the following SSL configuration to specify their own
> keystore and/or truststore.
> ** java.net.ssl.keyStore
> ** java.net.ssl.keyStorePassword
> ** java.net.ssl.trustStore
> ** java.net.ssl.trustStorePassword
> * If cluster admin didn't specified the above SSL config, generate a self
> signed certificate programmatically and use it by using libraries such as
> [Bouncy Castle|http://www.bouncycastle.org/].
> * Make use of the Jetty APIs to add a HTTPS connection. Example is
> [here|http://git.eclipse.org/c/jetty/org.eclipse.jetty.project.git/tree/examples/embedded/src/main/java/org/eclipse/jetty/embedded/LikeJettyXml.java].
> Let me know if you have any comments.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
