Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search

SSL Communication failed between Hue and Impala

Labels:
avatar
author-rank avengers
Contributor

Created ‎11-16-2020 10:54 PM

When I click impala query profile, Hue raise error.

Exception cause Self-signed certificate.

I am finding the solution.

 

 

 

bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],)"

 

 

 

Current configuration in my cluster :

Impala :

 

 

Enable TLS/SSL for Impala : disabled
SSL/TLS Certificate for Impala component Webserver : Daemon, Catalog, Statestore enabled

 

 

 

I want to set PEM file path.

Where are Hue - [Impala] - [[ssl]] properties used?

 

 

1,628 Views
0 Kudos
3 REPLIES 3

avatar
author-rank GangWar author-rank
Master Guru

Created ‎11-17-2020 01:23 AM

@avengers The path can be set in Hue.ini[1] and it is controlled in CDH by safety valve setting. 

 

CM > Hue > Configuration > Hue Service Advanced Configuration Snippet (Safety Valve) for hue_safety_valve.ini

 

Please refer the doc for SSL related configuration as well: 

 

[1] https://github.com/cloudera/hue/blob/master/desktop/conf.dist/hue.ini#L1329


Cheers!
Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
1,607 Views
0 Kudos

avatar
author-rank avengers
Contributor

Created on ‎11-17-2020 05:21 PM - edited ‎11-17-2020 11:13 PM

Thanks to your answer.

I have read documents in your answer.

 

How cat  I disable Self-Signed Certificate verify?

Like this : 

[hadoop]
[[hdfs_clusters]]
[[[default]]]
ssl_cert_ca_verify=False

[[yarn_clusters]]
[[[default]]]
ssl_cert_ca_verify=False

 

 

 

 

1,597 Views
0 Kudos

avatar
author-rank GangWar author-rank
Master Guru

Created ‎11-23-2020 10:00 PM

@avengers  The parameter disables the cert check it's independent of self signed or CA signed. 

ssl_cert_ca_verify=False

 


Cheers!
Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.
1,569 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements