Created 05-05-2017 09:29 PM
I'm working with a customer to help them connect to hive using ODBC and all was working well until recently, the Admins reconfigured Knox to require only TLSv1.2. Since then, the connection to Knox is failing as follows:
echo "show databases" | isql -v -d, Knox [S1000][unixODBC][Hortonworks][ThriftExtension] (6) Error occurred while contacting server: SSL_connect: error code: 0. This could be because you are trying to establish a SSL connection to a server that does not have SSL enabled. [ISQL]ERROR: Could not SQLConnect Here is the /etc/odbc.ini file:
HiveServerType=2 Driver =/usr/lib/hive/lib/native/Linux-amd64-64/libhortonworkshiveodbc64.so Host=xxxxx.xxx PORT=8443 UID=xxxxx PWD=xxxxxxx AuthMech=3 Schema=default SSL=1 TrustedCerts=/somepath/certificate.cer HTTPPath=gateway/default/hive ThriftTransport=2 UseNativeQuery=1 CAIssuedCertNamesMismatch=1
Any ideas, how to configure the Client to use TLSv1.2?
Hello @Reza Khan,
Please check if :
1. you are connecting to HiveServer2 over http (i.e. HS2 is running in http mode instead of binary)
2. you have import Knox server's SSL certificate into your truststore (I can see /somepath/certificate.cer, yet you should cross check by listing the certificate content)
3. you are able to connect to HS2 using beeline with the connection string like this:
beeline> !connect jdbc:hive2://<knox-server-fqdn>:8443/;ssl=true;sslTrustStore=/tmp/knox-truststore.jks;trustStorePassword=hadoop;transportMode=http;httpPath=gateway/default/hive
Please paste more output of above command here so that we can understand the issue better and help you out further.
Hope this helps !
Hi @Vipin Rathor,
Thanks for the answer. After some more digging, we saw that Simba fixed a problem with TLS 1.2 on Hive ODBC driver version 2.1.7:
After installing the 2.1.7 ODBC driver, we retried the connection and everything was working.
Thanks for your support.