How to force SSL/TLS connections

We need to enforce encrypted connections between our BI tool and Dremio. How do we configure Dremio to accept SSL/TLS connections?

Dremio uses TLS for the UI, but the JDBC/ODBC drivers don’t support it right now.

Do you also require TLS between the coordinator and executors, or just between the BI tool and Dremio?

We would need it between the coordinators and executors also.

Why do you think you need encrypted connections between coordinator and executors?

It is required for compliance with our organization’s security policy.

Is organization security policy to:

  1. Encrypt traffic from outside of firewall to inside or all inside as well?
  2. Encrypt data transfer or data transfer as well as non-data transfer traffic?
  1. We encrypt both.

  2. Only data transfer.

Hello,

Are there any plans for TLS encrypted JDBC / ODBC Dremio drivers?

Thx

This is on the roadmap, but currently no specific release timeframes.

Hi firefly707, thanks for you reply!
I’m responding to an RFP that requires encrytped ODBC read access over the internet and we’re including Dremio so a ball-park date/range of when it would materialise would be useful, the timeframe of the project when such an encrypted ODBC connection should be made available is at least 18 months from now.

Do you have any other solution that would allow an encrypted ODBC connection over public internet to Dremio without falling back to obvious choices such as VPN or an IPSec tunnel etc?

Thanks!

Sorry, don’t know if there are other alternatives outside IPSec or VPN. 18 months is a safe bet. Hope to have it much sooner.

Quick follow-up to this. The ability to encrypt ODBC and JDBC connections was added to the 3.0 release. You can find instructions for each in our documentation here.

ODBC
https://docs.dremio.com/drivers/dremio-odbc-driver.html

JDBC
https://docs.dremio.com/drivers/dremio-jdbc-driver.html#jdbc-parameters-for-dremio-wire-encryption

Thanks!