I am working on setting the Ranger KMS on my cluster. So i have some doubts regarding that.
1. To read the encrypted data from HDFS, hdfs client interacts with ranger KMS to get DEK which is used to decrypt the data. So DEK flows over the network. By default is this communication not secure?
2. To enabke the SSL communication b/w hdfs client and ranger KMS, does it require the whole cluster to be SSL enabled? If not then what all components should be made secure for this communication to e secure?