In this recipe, you will learn how to make communication secure and limit the possibility of eavesdropping by enabling SSL.
Prepare certificates for encryption. We assume they are stored in
If you don't have certificates, you can create some with the following commands. Remember certificates are prepared only for example purposes and should not be used in a production environment:
mkdir -p /etc/mesos/conf/sslopensslreq -batch -nodes -new -x509 -keyout /etc/mesos/conf/ssl/key.pem -out /etc/mesos/conf/ssl/cert.pem
If you want to build Mesos from source with SSL enabled, configure the source code with the following options before you build it:
./configure --enable-libevent --enable-ssl.
To enable SSL, add the following lines to
SSL_ENABLED=1 SSL_KEY_FILE=/etc/mesos/conf/ssl/key.pem SSL_CERT_FILE=/etc/mesos/conf/ssl/cert.pem SSL_REQUIRE_CERT=false