SSL Certificates in Clusters
The Drill server requires an SSL certificate. The certificate can be self-signed or signed by a CA (Certificate Authority).
The sections below describe how to use SSL certificates in Data Fabric clusters.
SSL in a Cluster
In a secure Data Fabric cluster, SSL is configured by default but not enabled. In a secure cluster, the keystore is configured for you. The security in a Data Fabric cluster uses a self-signed certificate. If you have a certificate signed by a certificate authority, follow the instructions for How to Import CA (Certificate Authority) Signed Certficates to Ezmeral Data Fabric 7, and then enable and configure SSL.
To use SSL, enable the SSL option and then modify any of the available configuration
options as needed.
- To enable SSL for the ODBC/JDBC client to Drillbit communication path, you must enable SSL on the client side and Drillbit. See Drill Drivers for client instructions. See Configuring SSL/TLS for the Drillbit.
- To enable SSL for the Drill Web UI, see Configuring the Drill Web UI and Web API Security.
After you modify the configuration options, restart Drill, as
shown:
$ maprcli node services -name drill-bits -action restart -nodes <node host names separated by a space>