THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Note that with this property set the client could and should only connect to server’s “secureClientPort” “secureClientPort” which will be described shortly.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
zookeeper.ssl.keyStore.location="/path/to/your/keystore"
zookeeper.ssl.keyStore.password="keystore_password"
zookeeper.ssl.trustStore.location="/path/to/your/truststore"
zookeeper.ssl.trustStore.password="truststore_password" |
Server
ZooKeeper server can use Netty by setting property:
| Code Block | ||||
|---|---|---|---|---|
| ||||
zookeeper.serverCnxnFactory="org.apache.zookeeper.server.NettyServerCnxnFactory" |
ZooKeeper server also needs to provide a listening port to accept secure client connections. This port is different from and running in parallel with the known “clientPort”. It should be added in “zoo.cfg”:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
...
secureClientPort=2281 |
All secure clients (mentioned above) should connect to this port.
Then set up keystore and truststore environment like what client does.
Quorum
Not supported yet!
Authentication
...