...
It's added in ZOOKEEPER-2125.
Client-Server Communication
The communication between ZooKeeper client and server has Netty and SSL support. Note that Netty needs to be enabled to use SSL.
Client
ZooKeeper client can use Netty by setting property:
Code Block | ||||
---|---|---|---|---|
| ||||
zookeeper.clientCnxnSocket="org.apache.zookeeper.ClientCnxnSocketNetty" |
In order to do secure communication on client, set property:
Code Block | ||||
---|---|---|---|---|
| ||||
zookeeper.client.secure=true |
Note that with this property set the client could and should only connect to server’s “secureClientPort” which will be described shortly.
...
Then set up keystore and truststore environment by setting the following properties:
Code Block | ||||
---|---|---|---|---|
| ||||
zookeeper.ssl.keyStore.location |
...
="/path/to/your/keystore" zookeeper.ssl.keyStore.password |
...
="keystore_password" zookeeper.ssl.trustStore.location |
...
="/path/to/your/truststore" zookeeper.ssl.trustStore.password="truststore_password" |
Quorum
Not supported yet!
Authentication
...