[jira] [Created] (ZEPPELIN-883) Zeppelin to expose configuring SSL protocol, included and excluded ciphers

Wed, 25 May 2016 08:49:37 -0700 

Vinay Shukla created ZEPPELIN-883:
-------------------------------------

             Summary: Zeppelin to expose configuring SSL protocol, included and 
excluded ciphers
                 Key: ZEPPELIN-883
                 URL: https://issues.apache.org/jira/browse/ZEPPELIN-883
             Project: Zeppelin
          Issue Type: Bug
          Components: zeppelin-server
            Reporter: Vinay Shukla
            Assignee: Vinay Shukla


Zeppelin leverages Jetty but today only exposes the following SSL properties.


<property>
  <name>zeppelin.ssl</name>
  <value>false</value>
  <description>Should SSL be used by the servers?</description>
</property>

<property>
  <name>zeppelin.ssl.client.auth</name>
  <value>false</value>
  <description>Should client authentication be used for SSL 
connections?</description>
</property>

<property>
  <name>zeppelin.ssl.keystore.path</name>
  <value>keystore</value>
  <description>Path to keystore relative to Zeppelin configuration 
directory</description>
</property>

<property>
  <name>zeppelin.ssl.keystore.type</name>
  <value>JKS</value>
  <description>The format of the given keystore (e.g. JKS or 
PKCS12)</description>
</property>

<property>
  <name>zeppelin.ssl.keystore.password</name>
  <value>change me</value>
  <description>Keystore password. Can be obfuscated by the Jetty Password 
tool</description>
</property>

<!--
<property>
  <name>zeppelin.ssl.key.manager.password</name>
  <value>change me</value>
  <description>Key Manager password. Defaults to keystore password. Can be 
obfuscated.</description>
</property>
-->

<property>
  <name>zeppelin.ssl.truststore.path</name>
  <value>truststore</value>
  <description>Path to truststore relative to Zeppelin configuration directory. 
Defaults to the keystore path</description>
</property>

<property>
  <name>zeppelin.ssl.truststore.type</name>
  <value>JKS</value>
  <description>The format of the given truststore (e.g. JKS or PKCS12). 
Defaults to the same type as the keystore type</description>
</property>

<!--
<property>
  <name>zeppelin.ssl.truststore.password</name>
  <value>change me</value>
  <description>Truststore password. Can be obfuscated by the Jetty Password 
tool. Defaults to the keystore password</description>
</property>

Jetty supports configuring SSL protocol, included/excluded ciphers, which  are 
needed to enhance security.  Zeppelin should allow configuring these settings.





--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to