[
https://issues.apache.org/jira/browse/HAWQ-1441?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15989573#comment-15989573
]
Alexander Denissov commented on HAWQ-1441:
------------------------------------------
uploaded results of recent investigation as a PDF attachments. There will be a
few changes required:
- enable_ranger_plugin.sh script needs to work with https:// URLs and use .pem
key from the server in case RangerAdmin server uses self-signed certificate
- ranger-admin-services.sh script in RangerAdmin needs to be modified (by
customers) to work around potential RangerAdmin bug with not using provided
truststore
- ranger-policymgr-ssl.xml file needs to be created and shipped with RPM (pom
file update for RPM spec)
- documentation on how to create certificates / keystores and truststores
- commonNameForCertificate property needs to be added to the service definition
with reasonable default
> Implement SSL Access from RPS to Ranger
> ---------------------------------------
>
> Key: HAWQ-1441
> URL: https://issues.apache.org/jira/browse/HAWQ-1441
> Project: Apache HAWQ
> Issue Type: Sub-task
> Components: Security
> Reporter: Lili Ma
> Assignee: Ed Espino
> Fix For: backlog
>
> Attachments: RangerPluginServiceandSSLTLS.pdf
>
>
> SSL connection from Ranger plugin to Ranger is a way to ensure the security
> of data transferred between Ranger to Plugin Service. So we need to implement
> SSL support in RPS connection to Ranger.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
