Dremio behind load balancer, SSL ODBC issues

Hi,

We have a dremio instance single node on an EC2 ubuntu instance, which is NOT SSL’d

This instance is behind an AWS network load balancer, and in the NLB, TLS is enabled for comms outside coming in.

The NLB then passes the request (as none TLS) through to the none TLS’d Dremio

When trying through Dremios ODBC driver, with TLS enabled in the ODBC configuration, I cannot connect.

In the Dremio server logs, I see the following entries…

2022-04-11 10:18:01,540 [UserServer-1] INFO c.d.sabot.rpc.user.UserRPCServer - [USER]: Channel closed /10.248.66.44:31010 <–> /10.248.66.187:65096 (user client)
2022-04-11 10:18:01,540 [UserServer-1] WARN c.d.e.s.o.SessionOptionManagerFactoryImpl - Could not find session with sessionId f6a35d4d-63fb-4f5f-b9bb-a560e625adf3.
2022-04-11 10:18:01,540 [UserServer-1] INFO com.dremio.ConnectionLog - [f6a35d4d-63fb-4f5f-b9bb-a560e625adf3] Connection Closed

Is there some special configuration involved somewhere for the following requirement?

Internet connected ODBC client → AWS NLB (31010 is TLS’d) → Vanilla Dremio (not SSL’d)

Appreciate the help you might be able to give!!

@spireite The above messages are INO only. Are you trying to connect a client that is secure to an unsecured Dremio?

@balaji.ramaswamy Yes, I am… the idea being that the Load Balanacer is the Secure entry point and then it passes the request unsecured onwards. Are you telling me this isn’t a possible configuration?

(I’m not a network guy, but the network guy tells me it should be possible).

I should also point out that the Dremio behind is a community version - I believe from the docs that this cannot be TLS’d?

@spireite That is right, community version does not support ODBC/JDBC SSL

https://docs.dremio.com/software/security/encrypting-dremio/#web-server-encryption

What is the exact error on the ODBC client?