Enable OpenJSSE and TLS 1.3

Queries and transformations are encrypted before being send to your clusters. By default, the data exchanged between worker nodes in a cluster is not encrypted.

If you require that data is encrypted at all times, you can encrypt traffic between cluster worker nodes using AES 128 over a TLS 1.2 connection.

In some cases, you may want to use TLS 1.3 instead of TLS 1.2 because it allows for stronger ciphers.

To use TLS 1.3 on your clusters, you must enable OpenJSSE in the cluster’s Apache Spark configuration.

  1. Add spark.driver.extraJavaOptions -XX:+UseOpenJSSE to your Spark Config.
  2. Restart your cluster.

OpenJSSE and TLS 1.3 are now enabled on your cluster and can be used in notebooks.