I am currently working on wired encryption of a HDP cluster. I found some basic information about wired encryption in the HDP documentation but nothing concerning Apache Storm. There's an article here in the forum describing how to activate SSL (HTTPS) for the Storm UI. On the Storm website you can find how to enable HTTPS for DRCP via HTTP and the log viewer.
But there is the pure DRPC via thrift which does not seem to be secured. I had a look on source code and it seems that this is just plain thrift.
Does anybody have some more details about Storm and Security.
Is there any other network based communication that can't be secured (not the Spout onces)? (e.g. Zookeeper)