Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Enable SSL for CDH 5.15 Cluster

Re: Enable SSL for CDH 5.15 Cluster

Expert Contributor

Hello AKB,

 

Unfortunately the answer to your question is, no. It will not be easier or better to rely soley on TLS termination on a reverse proxy. For most balancing/proxying algorithims, hardware, and software we recommend TCP Passthrough which means that all Hadoop services must still have TLS properly deployed as well as enabled.

 

If you cluster is accessible by any external network we would advise that you properly deploy both Kerberos and TLS on your cluster.

Customer Operations Engineer | Security SME | Cloudera, Inc.