Return-Path: X-Original-To: apmail-zookeeper-user-archive@www.apache.org Delivered-To: apmail-zookeeper-user-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 85484112FA for ; Thu, 11 Sep 2014 05:14:50 +0000 (UTC) Received: (qmail 83417 invoked by uid 500); 11 Sep 2014 05:14:50 -0000 Delivered-To: apmail-zookeeper-user-archive@zookeeper.apache.org Received: (qmail 83362 invoked by uid 500); 11 Sep 2014 05:14:49 -0000 Mailing-List: contact user-help@zookeeper.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@zookeeper.apache.org Delivered-To: mailing list user@zookeeper.apache.org Received: (qmail 83351 invoked by uid 99); 11 Sep 2014 05:14:49 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 11 Sep 2014 05:14:49 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of rakeshr@huawei.com designates 119.145.14.64 as permitted sender) Received: from [119.145.14.64] (HELO szxga01-in.huawei.com) (119.145.14.64) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 11 Sep 2014 05:14:23 +0000 Received: from 172.24.2.119 (EHLO szxeml451-hub.china.huawei.com) ([172.24.2.119]) by szxrg01-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id CBN18851; Thu, 11 Sep 2014 13:14:19 +0800 (CST) Received: from szxeml561-mbx.china.huawei.com ([169.254.5.186]) by szxeml451-hub.china.huawei.com ([10.82.67.194]) with mapi id 14.03.0158.001; Thu, 11 Sep 2014 13:14:12 +0800 From: Rakesh R To: "user@zookeeper.apache.org" Subject: RE: Does the ZooKeeper support encrypt communication among the ZooKeeper nodes? Thread-Topic: Does the ZooKeeper support encrypt communication among the ZooKeeper nodes? Thread-Index: Ac/NYMvX2SwsuDvISR6riFeWGSSihgAHLong Date: Thu, 11 Sep 2014 05:14:11 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US, zh-CN Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.18.170.130] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-CFilter-Loop: Reflected X-Virus-Checked: Checked by ClamAV on apache.org Hi Boying, ZooKeeper uses Netty framework for the client/server communication, but thi= s is configurable. By default ZK uses NIO, user needs to set java System pr= operty "zookeeper.serverCnxnFactory" to "org.apache.zookeeper.server.NettyS= erverCnxnFactory" to enable Netty based communication. Netty framework has built in support for encryption (SSL) and authenticatio= n (certificates). Below are few JIRA discusses similar cases, which are sti= ll open. https://issues.apache.org/jira/browse/ZOOKEEPER-236 https://issues.apache.org/jira/browse/ZOOKEEPER-235 Regards, Rakesh -----Original Message----- From: Lu, Boying [mailto:Boying.Lu@emc.com]=20 Sent: 11 September 2014 07:08 To: user@zookeeper.apache.org Subject: Does the ZooKeeper support encrypt communication among the ZooKeep= er nodes? Hi, All, Does anyone know if the ZooKeeper support encrypt communication among the Z= ooKeeper nodes? If not, is there any way to support that? E.g. stunnel? Thanks Boying