Skip to content

Security

SSL#

By default Privacera creates self-signed SSL certificates for accessing the Web Interfaces and REST end points. You have the option to bring your own SSL certificates or CA Signed Certificates. There are multiple endpoints. You can create a wild card certificate or get individual certificates.

Given below are the list of all the end points from Privacera. You might have to get the SSL certificates for the services you will be enabling.

Service Domain Prefix Privacera Features
Ranger Admin ranger Access Manager, Encryption
Privacera Portal portal Access Manager, Discovery, Encryption
Privacera Data Access Server dataserver Access Manager
Privacera Audit Server auditserver Access Manager, Discovery, Encryption
Apache Solr solr Access Manager, Discovery, Encryption

Vault#

If you are using Privacera Encryption, then there is an option to store the master key in external HSM. If you intend to use external HSM, then the following are supported.

Encryption Key for StorageClass#

If you are deploying Privacera in Kubernetes and if you are using encrypted StorageClass, then the key used will be needed during configuring Privacera. So please make it available


Last update: July 30, 2021