You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hive.apache.org by "Venugopal Reddy K (Jira)" <ji...@apache.org> on 2023/04/19 09:11:00 UTC

[jira] [Assigned] (HIVE-27271) Client connection to HS2 fails when transportMode=http, ssl=true, sslTrustStore specified without trustStorePassword in the JDBC URL

     [ https://issues.apache.org/jira/browse/HIVE-27271?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Venugopal Reddy K reassigned HIVE-27271:
----------------------------------------

    Assignee: Venugopal Reddy K

> Client connection to HS2 fails when transportMode=http, ssl=true, sslTrustStore specified without trustStorePassword in the JDBC URL
> ------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: HIVE-27271
>                 URL: https://issues.apache.org/jira/browse/HIVE-27271
>             Project: Hive
>          Issue Type: Bug
>            Reporter: Venugopal Reddy K
>            Assignee: Venugopal Reddy K
>            Priority: Major
>         Attachments: image-2023-04-19-14-27-23-665.png
>
>
> *[Description]*
> Client connection to HS2 fails with transportMode as http, ssl is enabled, sslTrustStore is specified without trustStorePassword in the JDBC URL. Where as with transportMode as binary, connection is successful without trustStorePassword in the connection URL.
> trustStorePassword is not a necessary parameter in connection URL. Connection can be established without it.
> From the javadocs [Link|https://docs.oracle.com/javase/7/docs/api/java/security/KeyStore.html#load(java.io.InputStream,%20char%5B%5D)] A password may be given to unlock the keystore (e.g. the keystore resides on a hardware token device), or to check the integrity of the keystore data. If a password is not given for integrity checking, then integrity checking is not performed.
>  
> At present, org.apache.hive.jdbc.HiveConnection#getHttpClient() access sslTrustStorePassword null reference and fails as shown below:
> !image-2023-04-19-14-27-23-665.png!
>  
> *[Steps to reproduce]*
> {code:java}
> kvenureddy@192 apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin % bin/beeline -u "jdbc:hive2://kvrtls-1.kvrtls.root.hwx.site:10001/default;ssl=true;sslTrustStore=/Users/kvenureddy/code/hive/cloudera/hive/packaging/target/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/cm-auto-global_truststore.jks;transportMode=http;httpPath=cliservice;"
> Error: Could not open client transport with JDBC Uri: jdbc:hive2://kvrtls-1.kvrtls.root.hwx.site:10001/default;ssl=true;sslTrustStore=/Users/kvenureddy/code/hive/cloudera/hive/packaging/target/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/cm-auto-global_truststore.jks;transportMode=http;httpPath=cliservice;: Could not create an https connection to jdbc:hive2://kvrtls-1.kvrtls.root.hwx.site:10001/default;ssl=true;sslTrustStore=/Users/kvenureddy/code/hive/cloudera/hive/packaging/target/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/cm-auto-global_truststore.jks;transportMode=http;httpPath=cliservice;. null (state=08S01,code=0)
> kvenureddy@192 apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin % 
> {code}
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)