exalate-issue-sync[bot]
commented
1 year ago - use https for client connections (or specify how in docs)
- use username and password for client connections? (or specify how in docs)
- update h2o3
Open exalate-issue-sync[bot] opened 1 year ago
exalate-issue-sync[bot]
commented
1 year ago exalate-issue-sync[bot]
commented
1 year ago Pratap Ramamurthy commented: Please provide more details on issue.
exalate-issue-sync[bot]
commented
1 year ago Joseph Granados commented: Only the Flow UI is secured by password and https. The nodes can be connected to with h2o.init() without a password or https. Need to secure h2o.init() / h2o.connect() connections.
exalate-issue-sync[bot]
commented
1 year ago Jorge Hernandez Villapol commented: Current Solution uses nginx to redirect the port 54321 to https (443) and is secured via username/password combination. But the port 54321 remains open and unprotected.
I pushed a fix to enable https using Java Keystore and Hash Login on the server side. [http://docs.h2o.ai/h2o/latest-stable/h2o-docs/security.html#https|http://docs.h2o.ai/h2o/latest-stable/h2o-docs/security.html#https] [http://docs.h2o.ai/h2o/latest-stable/h2o-docs/security.html#hash-file-authentication|http://docs.h2o.ai/h2o/latest-stable/h2o-docs/security.html#hash-file-authentication]
Python client can connect using:
{{h2o.connect(ip = ip, https=True, verify_ssl_certificates=False, auth=(username,password))}}
Currently updating to latest h2o version and testing before publishing on the gcp marketplace.
exalate-issue-sync[bot]
commented
1 year ago Jorge Hernandez Villapol commented: TODO: Create a PR to update the docs.
h2o-ops
commented
1 year ago JIRA Issue Migration Info
Jira Issue: PUBDEV-6947 Assignee: Jorge Hernandez Villapol Reporter: Joseph Granados State: In Progress Fix Version: N/A Attachments: N/A Development PRs: N/A