Github user steveloughran commented on the pull request:
https://github.com/apache/spark/pull/5664#issuecomment-139206726
I'm not sure that YARN likes custom SSL certificates at all. Even if you do
set up the RM proxy up for them, there's the issue that as they are host-wide,
so every web/REST endpoint on the host can/should use the same certificate.
That said, there's probably no explicit reason why the RM Proxy doesn't handle
SSL except it's not been done âthat'd be the place to add the code.
Note of course that web/REST clients of AM web pages redirected via the Am
filter will have their communications direct with that RM proxy, using SPNEGO
and any https support of the AM proxy; you can lock down the long-haul bit of
the communications without adding HTTPS. It's the in-cluster TCP connections
that HTTPS -in-AM would address
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
