Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Interfacing existing PKI with HDP and Ambari for authentification AND encryption

Solved Go to solution

Interfacing existing PKI with HDP and Ambari for authentification AND encryption

Good afternoon ! I 've juste read the HDFS Administration guide and Ranger KMS guide but I am faced with some questions: - Can I use my existing PKI in order to allow data encryption AND user authentification in HDP ? I know that I can use Kerberos or openLDAP, but those ways are still not very well understood for me If someone could help me to better understand, Please !?

Thank you very Much

Clem

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: Interfacing existing PKI with HDP and Ambari for authentification AND encryption

Guru

Hello @faraon clément,

You can use your existing PKI intrastructure for securing the communication channel inside as well as outside of your Hadoop cluster. But same can not be used for either authentication or data encryption.

Kerberos is the de-fecto standard accepted & supported by Hadoop services when it comes to user authentication. Similarly you will have to use Ranger KMS to encrypt the data you are storing in HDFS.

Hope this helps !

View solution in original post

2 REPLIES 2
Highlighted

Re: Interfacing existing PKI with HDP and Ambari for authentification AND encryption

Guru

Hello @faraon clément,

You can use your existing PKI intrastructure for securing the communication channel inside as well as outside of your Hadoop cluster. But same can not be used for either authentication or data encryption.

Kerberos is the de-fecto standard accepted & supported by Hadoop services when it comes to user authentication. Similarly you will have to use Ranger KMS to encrypt the data you are storing in HDFS.

Hope this helps !

Highlighted

Re: Interfacing existing PKI with HDP and Ambari for authentification AND encryption

Guru

Hello @faraon clément,

You can use your existing PKI intrastructure for securing the communication channel inside as well as outside of your Hadoop cluster. But same can not be used for either authentication or data encryption.

Kerberos is the de-fecto standard accepted & supported by Hadoop services when it comes to user authentication. Similarly you will have to use Ranger KMS to encrypt the data you are storing in HDFS.

Hope this helps !

View solution in original post

Don't have an account?
Coming from Hortonworks? Activate your account here