Support Questions
Find answers, ask questions, and share your expertise

Enable SSL for CDH 5.15 Cluster

Re: Enable SSL for CDH 5.15 Cluster

Expert Contributor

Hello AKB,


Unfortunately the answer to your question is, no. It will not be easier or better to rely soley on TLS termination on a reverse proxy. For most balancing/proxying algorithims, hardware, and software we recommend TCP Passthrough which means that all Hadoop services must still have TLS properly deployed as well as enabled.


If you cluster is accessible by any external network we would advise that you properly deploy both Kerberos and TLS on your cluster.

Customer Operations Engineer | Security SME | Cloudera, Inc.