Securing SnappyData Monitoring Console Connection

You can secure the SnappyData Monitoring Console with SSL authentication, so that the UI can be accessed only over HTTPS. The following configurations are needed to set up SSL enabled connections for SnappyData Monitoring Console:

To set up SSL enabled connections for SnappyData Monitoring Console:

  1. Make sure that you have valid SSL certificate imported into truststore.

  2. Provide the following spark configuration in the conf/lead files:

    localhost -spark.ssl.enabled=true -spark.ssl.protocol=<ssl-protocol> -spark.ssl.enabledAlgorithms=<comma-separated-list-of-ciphers> -spark.ssl.keyPassword=<key-password> -spark.ssl.keyStore=<path-to-key-store> -spark.ssl.keyStorePassword=<key-store-password> -spark.ssl.keyStoreType=<key-store-type> -spark.ssl.trustStore=<path-to-trust-store> -spark.ssl.trustStorePassword=<trust-store-password> -spark.ssl.trustStoreType=<trust-store-type>

    Note

    • If using TLS SSL protocol, the enabledAlgorithms can be TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA
    • Store types could be JKS or PKCS12.

  3. Launch the Snappy cluster.
    ./sbin/snappy-start-all.sh

  4. Launch the SnappyData Monitoring Console in your web browser. You are directed to the HTTPS site.

Note

You are automatically redirected to HTTPS (on port 5450) even if the SnappyData Monitoring Console is accessed with HTTP protocol.