Venki Korukanti created DRILL-3725: -------------------------------------- Summary: Add HTTPS support for Drill web interface Key: DRILL-3725 URL: https://issues.apache.org/jira/browse/DRILL-3725 Project: Apache Drill Issue Type: New Feature Components: Client - HTTP Reporter: Venki Korukanti Assignee: Venki Korukanti Fix For: 1.2.0
Currently web UI or REST API calls don't support transport layer security (TLS). This jira is to add support for TLS. We need this feature before adding the user authentication to Drill's web interface. Proposal is: * Always default to HTTPS * Cluster admin can set the following SSL configuration to specify their own keystore and/or truststore. ** java.net.ssl.keyStore ** java.net.ssl.keyStorePassword ** java.net.ssl.trustStore ** java.net.ssl.trustStorePassword * If cluster admin didn't specified the above SSL config, generate a self signed certificate programmatically and use it by using libraries such as [Bouncy Castle|http://www.bouncycastle.org/]. * Make use of the Jetty APIs to add a HTTPS connection. Example is [here|http://git.eclipse.org/c/jetty/org.eclipse.jetty.project.git/tree/examples/embedded/src/main/java/org/eclipse/jetty/embedded/LikeJettyXml.java]. Let me know if you have any comments. -- This message was sent by Atlassian JIRA (v6.3.4#6332)