Return-Path: X-Original-To: apmail-hadoop-common-user-archive@www.apache.org Delivered-To: apmail-hadoop-common-user-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id A2152E52C for ; Mon, 11 Mar 2013 22:15:20 +0000 (UTC) Received: (qmail 47231 invoked by uid 500); 11 Mar 2013 22:15:15 -0000 Delivered-To: apmail-hadoop-common-user-archive@hadoop.apache.org Received: (qmail 47117 invoked by uid 500); 11 Mar 2013 22:15:15 -0000 Mailing-List: contact user-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@hadoop.apache.org Delivered-To: mailing list user@hadoop.apache.org Received: (qmail 47109 invoked by uid 99); 11 Mar 2013 22:15:15 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 11 Mar 2013 22:15:15 +0000 X-ASF-Spam-Status: No, hits=2.2 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: 74.125.82.181 is neither permitted nor denied by domain of michael@sqrrl.com) Received: from [74.125.82.181] (HELO mail-we0-f181.google.com) (74.125.82.181) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 11 Mar 2013 22:15:10 +0000 Received: by mail-we0-f181.google.com with SMTP id t44so4095198wey.40 for ; Mon, 11 Mar 2013 15:14:46 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:date:message-id:subject:from:to :content-type:x-gm-message-state; bh=zpxXnEoMvsQ4GT8Qv22Rs0H6yQgpOPBxNo/7M80Ipdc=; b=ZvKpcx4UrCmXSvCnFEx9ZMKEFGj+gDnI0AlfhC04hyNiZO6QiAJ77m1GIzjcsudjAj WowDM/AkDfbtZwwB3Yaw59HBqFOCTRqFbFMda6X9n7C6qLx9Op4n/uOupWhzs0sU7CPc 5dyxrozoCGtZId9XIkQx58wWkONZyKGUwLX32zo3N9JNhAWSgq9Jsw0EqqjzZmd3rzkL TO2SZRsuq5KHvoOfmgV3yuATfVH4RlSA9u+YL42dbjtTN0luhY12NW8y2yC7ZAsAmMfj 6s8OFy66wLVDiFjBqXxp8MGoVph7EVh8Oz9AKugqW5s/Zw5dWKd4Qxmcceot9eVCAAE8 66qA== MIME-Version: 1.0 X-Received: by 10.194.133.198 with SMTP id pe6mr22529519wjb.9.1363040086780; Mon, 11 Mar 2013 15:14:46 -0700 (PDT) Received: by 10.180.160.164 with HTTP; Mon, 11 Mar 2013 15:14:46 -0700 (PDT) Date: Mon, 11 Mar 2013 15:14:46 -0700 Message-ID: Subject: Configuring HDFS access over SSL / TLS From: Michael Allen To: user@hadoop.apache.org Content-Type: multipart/alternative; boundary=089e01175f7d30055f04d7ad801c X-Gm-Message-State: ALoCoQnS9MXvbZNokYyBX2Yd28mn6iGQ0W5Eu3eQacRC9Tgf8+o3DINo8gys8cTJ/m8u4CDBYhNi X-Virus-Checked: Checked by ClamAV on apache.org --089e01175f7d30055f04d7ad801c Content-Type: text/plain; charset=ISO-8859-1 Hi all, I'm new to the Hadoop community. I'm trying to figure out if I'm missing something, or if there is really no straightforward way to enable HDFS access over SSL / TLS. >From the discussion I've seen on various sites and this mailing list, one may configure SSL for: - the HDFS proxy server, which seems to be read only - the webHDFS protocol, i.e. the newer REST-based API - the administrative HTML interface but there doesn't appear to be a way to secure the regular HDFS RPC-style connections with SSL / TLS. Am I missing something obvious? Thanks, - Mike --089e01175f7d30055f04d7ad801c Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable

Hi all, I'm new to the Hadoop community. =A0I'm tr= ying to figure out if I'm missing something, or if there is really no s= traightforward way to enable HDFS access over SSL / TLS.

>From the discussion I've seen on various sites and this mailing list, o= ne may configure SSL for:

- the HDFS p= roxy server, which seems to be read only

- the webHDFS protocol, i.e. the newer REST-based API

- the administrative= HTML interface

but there doesn't appear to be a way to secure the regular HDFS RP= C-style connections with SSL / TLS.

Am I missing something = obvious? =A0

Thanks,=

- Mike

--089e01175f7d30055f04d7ad801c--