question Hive Kerberos with SSL - how to configure in Support Questions https://community.cloudera.com/t5/Support-Questions/Hive-Kerberos-with-SSL-how-to-configure/m-p/363511#M239008 <P><SPAN>I followed&nbsp;</SPAN><A class="editor-rtfLink" href="https://docs.cloudera.com/cdp-private-cloud-base/7.1.8/securing-hive/topics/hive-enable-tls.html" target="_blank" rel="noopener"><SPAN>https://docs.cloudera.com/cdp-private-cloud-base/7.1.8/securing-hive/topics/hive-enable-tls.html</SPAN></A><SPAN>&nbsp;to configure Hive Kerberos with SSL. There was no issue, however , when I tried to obtain/display certs on client side to be used in connection, I obtained the following:</SPAN></P><P>&nbsp;</P><P><SPAN>openssl s_client -connect my_host:10000 -showcerts&nbsp; &nbsp; &nbsp; &nbsp;</SPAN></P><P><SPAN>CONNECTED(00000005)</SPAN></P><P><SPAN>read:errno=0</SPAN></P><P><SPAN>---</SPAN></P><P><SPAN>no peer certificate available</SPAN></P><P><SPAN>---</SPAN></P><P><SPAN>No client certificate CA names sent</SPAN></P><P><SPAN>---</SPAN></P><P><SPAN>SSL handshake has read 0 bytes and written 287 bytes</SPAN></P><P><SPAN>---</SPAN></P><P><SPAN>New, (NONE), Cipher is (NONE)</SPAN></P><P><SPAN>Secure Renegotiation IS NOT supported</SPAN></P><P><SPAN>Compression: NONE</SPAN></P><P><SPAN>Expansion: NONE</SPAN></P><P><SPAN>No ALPN negotiated</SPAN></P><P><SPAN>SSL-Session:</SPAN></P><P><SPAN>&nbsp; &nbsp;&nbsp;Protocol : TLSv1.3</SPAN></P><P><SPAN>&nbsp; &nbsp;&nbsp;Cipher : 0000</SPAN></P><P><SPAN>&nbsp; &nbsp;&nbsp;Session-ID:&nbsp;</SPAN></P><P><SPAN>&nbsp; &nbsp;&nbsp;Session-ID-ctx:&nbsp;</SPAN></P><P><SPAN>&nbsp; &nbsp;&nbsp;Master-Key:&nbsp;</SPAN></P><P><SPAN>&nbsp; &nbsp;&nbsp;Start Time: 1675956752</SPAN></P><P><SPAN>&nbsp; &nbsp;&nbsp;Timeout : 7200 (sec)</SPAN></P><P><SPAN>&nbsp; &nbsp;&nbsp;Verify return code: 0 (ok)</SPAN></P> Thu, 09 Feb 2023 15:36:32 GMT ArtG001 2023-02-09T15:36:32Z Hive Kerberos with SSL - how to configure https://community.cloudera.com/t5/Support-Questions/Hive-Kerberos-with-SSL-how-to-configure/m-p/363511#M239008 <P><SPAN>I followed&nbsp;</SPAN><A class="editor-rtfLink" href="https://docs.cloudera.com/cdp-private-cloud-base/7.1.8/securing-hive/topics/hive-enable-tls.html" target="_blank" rel="noopener"><SPAN>https://docs.cloudera.com/cdp-private-cloud-base/7.1.8/securing-hive/topics/hive-enable-tls.html</SPAN></A><SPAN>&nbsp;to configure Hive Kerberos with SSL. There was no issue, however , when I tried to obtain/display certs on client side to be used in connection, I obtained the following:</SPAN></P><P>&nbsp;</P><P><SPAN>openssl s_client -connect my_host:10000 -showcerts&nbsp; &nbsp; &nbsp; &nbsp;</SPAN></P><P><SPAN>CONNECTED(00000005)</SPAN></P><P><SPAN>read:errno=0</SPAN></P><P><SPAN>---</SPAN></P><P><SPAN>no peer certificate available</SPAN></P><P><SPAN>---</SPAN></P><P><SPAN>No client certificate CA names sent</SPAN></P><P><SPAN>---</SPAN></P><P><SPAN>SSL handshake has read 0 bytes and written 287 bytes</SPAN></P><P><SPAN>---</SPAN></P><P><SPAN>New, (NONE), Cipher is (NONE)</SPAN></P><P><SPAN>Secure Renegotiation IS NOT supported</SPAN></P><P><SPAN>Compression: NONE</SPAN></P><P><SPAN>Expansion: NONE</SPAN></P><P><SPAN>No ALPN negotiated</SPAN></P><P><SPAN>SSL-Session:</SPAN></P><P><SPAN>&nbsp; &nbsp;&nbsp;Protocol : TLSv1.3</SPAN></P><P><SPAN>&nbsp; &nbsp;&nbsp;Cipher : 0000</SPAN></P><P><SPAN>&nbsp; &nbsp;&nbsp;Session-ID:&nbsp;</SPAN></P><P><SPAN>&nbsp; &nbsp;&nbsp;Session-ID-ctx:&nbsp;</SPAN></P><P><SPAN>&nbsp; &nbsp;&nbsp;Master-Key:&nbsp;</SPAN></P><P><SPAN>&nbsp; &nbsp;&nbsp;Start Time: 1675956752</SPAN></P><P><SPAN>&nbsp; &nbsp;&nbsp;Timeout : 7200 (sec)</SPAN></P><P><SPAN>&nbsp; &nbsp;&nbsp;Verify return code: 0 (ok)</SPAN></P> Thu, 09 Feb 2023 15:36:32 GMT https://community.cloudera.com/t5/Support-Questions/Hive-Kerberos-with-SSL-how-to-configure/m-p/363511#M239008 ArtG001 2023-02-09T15:36:32Z Re: Hive Kerberos with SSL - how to configure https://community.cloudera.com/t5/Support-Questions/Hive-Kerberos-with-SSL-how-to-configure/m-p/364799#M239238 <P><a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/103413">@ArtG001</a>&nbsp;Have you enabled SSL/TLS for Hiveserver2 as per the doc you have shared above, else we should see a valid result here? Do confirm.</P><P>&nbsp;</P><P>I tried the openssl command on a non SSL Hive endpoint and I got similar response.</P> Tue, 28 Feb 2023 10:07:22 GMT https://community.cloudera.com/t5/Support-Questions/Hive-Kerberos-with-SSL-how-to-configure/m-p/364799#M239238 smruti 2023-02-28T10:07:22Z