Github user sohami commented on a diff in the pull request:
https://github.com/apache/drill/pull/950#discussion_r140122588
--- Diff: distribution/src/resources/drill-override-example.conf ---
@@ -222,7 +222,35 @@ drill.exec: {
# Full workspace name should be indicated (including schema and
workspace separated by dot).
# Workspace MUST be file-based and writable. Workspace name is
case-sensitive.
default_temporary_workspace: "dfs.tmp"
+
+ # Enable and provide additional parameters for Client-Server
communication over SSL
+ # see also the javax.net.ssl parameters below
+ security.user.encryption.ssl: {
+ #Set this to true to enable all client server communication to occur
over SSL.
+ enabled: false,
+ #key password is optional if it is the same as the keystore password
+ keyPassword: "key_passwd",
+ #Optional handshakeTimeout in milliseconds. Default is 10000 ms (10
seconds)
+ handshakeTimeout: 10000,
+ #protocol is optional. Drill will default to TLSv1.2
+ protocol: "TLSv1.2"
+ }
+}
+
+# The SSL parameters below need to be set for custom transport layer
settings. These are used by
+# both the WebServer (for HTTPS) and for Client-Server communication over
SSL.
+javax.net.ssl {
--- End diff --
These are java system property and recommendation should not be to set
these in configuration file instead it should be passed as command line
arguments. Later when config resolution will happen it will take care of
merging system property and the drill's configuration property value. Same for
below options.
---
