TLS/SSL

The TLS (Transport Layer Security) and SSL (Secure Sockets Layer) protocols provide end-to-end encryption for communications between applications over a network. (Note that TLS is technically the replacement of SSL, but both are commonly referred to as SSL.)

Although BDD doesn't currently support TLS/SSL for its communications with Hadoop or for the communications between its components, you can enable it on Studio's outward-facing ports to encrypt user traffic. This can be done in one of the following ways:

Through WebLogic Server. You can enable this through BDD's configuration file before installing. This method activates WebLogic's default demo keystores, which you should replace with your own certificates after you install.
Through a reverse proxy server.

For more information on BDD's TLS/SSL options, see the Installation Guide.

TLS/SSL in Hadoop

BDD can run on Hadoop clusters secured with TLS/SSL.

Individual Hadoop services can be secured with TLS/SSL so that their communication with other secured services is encrypted. BDD can be configured to work with secured HDFS, YARN, Hive, and Key Management Server (KMS) at install or upgrade time. This results in its communications with those services being encrypted. For more information, see the Installation Guide.