[
https://issues.apache.org/jira/browse/SPARK-55201?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Ay updated SPARK-55201:
------------------------------
Description:
Currently, when SSL/TLS is enabled for Spark Web UIs (History Server, Master,
Worker), Spark still binds to an insecure HTTP port to provide redirection.
These open ports are flagged as a vulnerability by security scanners.
We should introduce a new configuration to allow Spark to skip binding the HTTP
port entirely when HTTPS is active.
was:
Currently, when SSL/TLS is enabled for Spark Web UIs (History Server, Master,
Worker), Spark still binds to an insecure HTTP port to provide redirection.
These open ports are flagged as a vulnerability by security scanners.
We should introduce a new configuration to allow Spark to skip binding the HTTP
port entirely when HTTPS is active.
> Add option to disable insecure HTTP port when SSL is enabled
> ------------------------------------------------------------
>
> Key: SPARK-55201
> URL: https://issues.apache.org/jira/browse/SPARK-55201
> Project: Spark
> Issue Type: Task
> Components: Spark Core, Web UI
> Affects Versions: 4.2.0
> Reporter: Daniel Ay
> Priority: Minor
>
> Currently, when SSL/TLS is enabled for Spark Web UIs (History Server, Master,
> Worker), Spark still binds to an insecure HTTP port to provide redirection.
> These open ports are flagged as a vulnerability by security scanners.
> We should introduce a new configuration to allow Spark to skip binding the
> HTTP port entirely when HTTPS is active.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
