Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

If you configure the servers to use SSL, and then configure the clients (from the StreamSets perspective, i.e. origins) to use that secure channel (ex: by having https as the URL prefix for HTTP and setting up the trust store, using encrypted ports/options for JDBC URLs, etc.), then the communication will be encrypted as you would expect. You can verify by turning off the insecure ports for your servers and ensure everything is still running.

As data flows through Data Collector, it is not encrypted, but is only stored in memory. It is not written to disk unless you specifically configure a stage to do so. Beware that certain stages can end up logging various things that can turn into data (ex: if you enable request logging for HTTP client origin, the response payload could be logged depending on your configuration). For preview, data is sent to the browser in plaintext, so if you are concerned with snooping on that traffic then you need to ensure you have configured Data Collector to use HTTPS via the https.port property (see here).