Securing Dremio UI
Enabling HTTPS on Dremio’s web server
Add the following parameter to dremio.conf on your coordinator nodes:
services.coordinator.web.ssl.enabled: true
This will automatically generate a self-signed certificated. Go to https://<DREMIO_COORDINATOR>:9047
.
WARNING
Using a self-signed certificate in production is not recommended for security reasons. Most browsers will also warn users when loading the UI in this mode.
Custom SSL keyStore
and trustStore
settings
Custom SSL keyStore
and trustStore
can be set using dremio.conf file. If the following are set Dremio will not auto-generate a self-signed certificate.
note:
In Dremio 24+, the following properties in dremio.conf can be encrypted using the dremio-admin encrypt
CLI command:
-
keyStorePassword
-
trustStorePassword
services.coordinator.web.ssl.keyStore: "path/to/keystore/jks/file",
services.coordinator.web.ssl.keyStorePassword: "keyStorePassword",
services.coordinator.web.ssl.trustStore: "path/to/trustStore", (Optional)
services.coordinator.web.ssl.trustStorePassword: "trustStorePassword" (Optional)
Was this page helpful?
Glad to hear it! Thank you for your feedback.
Sorry to hear that. Thank you for your feedback.