Jason Fehr created IMPALA-14894:
-----------------------------------
Summary: Configure TLS Version and Cipher Suites on Outbound
Client Connections
Key: IMPALA-14894
URL: https://issues.apache.org/jira/browse/IMPALA-14894
Project: IMPALA
Issue Type: Story
Reporter: Jason Fehr
Where Impala acts as a client and makes outbound network calls outside of the
Impala cluster (such as to HDFS, S3, HBase, Ranger, HMS, etc), add startup
flags to specify:
1. minimum allowed TLS version (cannot be less than 1.2)
2. maximum allowed TLS version (must be greater than or equal to minimum
allowed TLS version)
3. TLS v1.2 allowed cipersuites (if minimum allowed TLS version is 1.2)
4. TLS v1.4 allowed cipersuites (if maximum allowed TLS version is 1.2)
Configure all outbound client connections (outside the Impala cluster) to use
these settings. If the server cannot provide a TLS connection that meets the
required TLS version or ciphersuites, then terminate the connection and error.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
