Community Articles
Find and share helpful community-sourced technical articles.
Labels (1)
  1. Create the self signed certificate and add it to a keystore file using:
 keytool -genkey -alias -keyalg RSA -keystore keystore.jks -keysize 2048

2. List the keystore entries to verify that the certificate was added. Note that a keystore can contain multiple such certificates:

keytool -list -keystore keystore.jks

3. Export this certificate from keystore.jks to a certificate file:

keytool -export -alias -file -keystore keystore.jks

4. Add this certificate to the client's truststore to establish trust:

keytool -import -trustcacerts -alias -file -keystore truststore.jks

5. Verify that the certificate exists in truststore.jks:

keytool -list -keystore truststore.jks

6. Set hive.server2.thrift.sasl.qop=auth in HS2 configs

Then start HiveServer2, login with user->kinit->beeline and try to connect with beeline using:

!connect jdbc:hive2://<hs2_hostname>:10001/default;principal=<hive_principal>;transportMode=http;httpPath=cliservice;ssl=true;sslTrustStore=<truststore_file_path>;trustStorePassword=<truststore_password> 
Don't have an account?
Version history
Last update:
‎12-22-2016 05:38 AM
Updated by:
Top Kudoed Authors