Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Does CDH support backend database using SSL/TLS?

SOLVED Go to solution

Does CDH support backend database using SSL/TLS?

Expert Contributor

I can't find any instruction on this. Is there anyway to enable SSL/TLS between CM services such as CM, HIVE, Navigator, etc. and backend DB such as mysql, postgres and oralce?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Does CDH support backend database using SSL/TLS?

Expert Contributor

Hello,

 

Thank you for reaching out to us on this, unfortunately at this time we do not provide any easily configurable mechanisms to make TLS on the backing databases simplistic to deploy. Generally speaking the JDBC drivers that allow these applications to talk to the database are capable of handling TLS but they must be configured by hand or through safety valves depending on the specific service. If you are a licensed customer please contact your Account Team for assistance.

Customer Operations Engineer | Security SME | Cloudera, Inc.
3 REPLIES 3

Re: Does CDH support backend database using SSL/TLS?

Expert Contributor

Hello,

 

Thank you for reaching out to us on this, unfortunately at this time we do not provide any easily configurable mechanisms to make TLS on the backing databases simplistic to deploy. Generally speaking the JDBC drivers that allow these applications to talk to the database are capable of handling TLS but they must be configured by hand or through safety valves depending on the specific service. If you are a licensed customer please contact your Account Team for assistance.

Customer Operations Engineer | Security SME | Cloudera, Inc.

Re: Does CDH support backend database using SSL/TLS?

Expert Contributor

Thanks. For cloud deployment, we definately want SSL/TLS for backend DBs.

Re: Does CDH support backend database using SSL/TLS?

Contributor

Has this situation improved over the past year?  Is there any public information on how to secure the back-end database connections?