Support Questions

pash83 · ‎06-28-2016

Hi,

I am getting the following error message while trying to connect to the jdbc connection. I don't have kerberos authentication enabled. I guess I need to update the information about my jdbc url. Can you please suggest how/where to update the jdbc url information and the property ssl=true

ERROR [HiveServer2-Handler-Pool: Thread-45]: server.TThreadPoolServer (TThreadPoolServer.java:run(296)) - Error occurred during processing of message.

java.lang.RuntimeException: org.apache.thrift.transport.TTransportException: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?

at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:219)

at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:268)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)

at java.lang.Thread.run(Thread.java:745)

Caused by: org.apache.thrift.transport.TTransportException: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?

Thanks

Pash

emaxwell · ‎06-28-2016

@khaja pasha shake

To use SSL for Hiveserver2, you will need to first enable SSL for Hiveserver2. Assuming you've already done that, your JDBC connection string will need to look something like:

jdbc:hive2//server.name:10000/mydb;ssl=true;sslTrustStore=/path/to/truststore.jks;trustStorePassword=MyBadPass1

pash83 · ‎06-28-2016

@emaxwell

Thanks for replying. Yes, I am able to connect from beeline with the above command, but where can I update this setting so that it can take the authentication to simple and ssl=true automatically from Ambari, I don't use beeline for connecting/authentication.

Hope you understand my issue.

Thanks again

Pash

emaxwell · ‎06-28-2016

@khaja pasha shake

In the configuration for the Hive view, you can add the SSL parameters to the authorization section. Here is a screenshot that should help:

pash83 · ‎06-28-2016

emaxwell, thak you!

Just to update, these settings were already updated iin hive-site.xml file.

Just to be clear I'm getting the reported error when I'm trying to run HiveDRTool, to copy data from source to destination cluster using falcon hive replication.

I think the client cannot validate the servers certificate because it does not have the truststore set in the jdbc url and I'm not sure where to setup the truststore in the jdbc url and where would the jdbc url is located?

Hope I'm clear this time and sorry for any confusion earlier.

Thanks

Pash

emaxwell · ‎07-01-2016

@khaja pasha shake

The truststore needs to exist on the node where you are running the Falcon commands (e.g. the Falcon server node). You can create the keystore with the keytool command and import the certificate into that node's keystone. Then specify the location on the Falcon server node for the keystore .

jchiapetta · ‎07-11-2016

Hi @khaja pasha shaik

Current HiveDR functionality doesn't support SSL.

Thanks

Juan

Cloudera Community

Support Questions

how to setup the hive client url ssl=true?