Securing web server communication

Communication for the web servers in your cluster is by default secured over SSL during installation. If you did not enable SSL during installation, enable SSL later to secure client-server connections. You can optionally disable SSL communication for a non-production environment. Enabling SSL communication is highly recommended when integrity and confidentiality of data transmission is essential.

To secure your cluster, you can configure SSL for the following tiers:
  • Tier 1, which includes system services. For example, the cluster management console.
  • Tier 2, which includes Spark instance groups services. For example, the Spark history service.
  • Tier 3, which includes the Spark driver and notebook server.
Note: For all Tier 1 files, you must either copy the files onto all hosts or make sure that the files are on a shared file system location that all management hosts can access. The default location for the files is local.