Hi , We are stuck with the same issue. We have installed 1) CDH 6.1 cluster 2) MIT Kerberos enabled 3) SSL enabled for impala   WE are getting the error   [Simba][ImpalaJDBCDriver](500164) Error initialized or created transport for authentication: [Simba][ImpalaJDBCDriver](500169) Unable to connect to server: GSS initiate failed Also, could not send response: org.apache.thrift.transport.TTransportException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.   jdbc:impala://Loadbalancer.amazonaws.com:21050/default;AuthMech=1;KrbHostFQDN=master2-impala-146.com;KrbRealm=PRODIMPALA.COM;KrbServiceName=impala;SSL=1;CAIssuedCertNamesMismatch=1;SocketTimeout=10;loglevel=6;logpath=d:\;TrustedCerts=D:\CA-Certs\\cacerts   Also imported the pem file into /jre/lib/security/cacerts   Tried with both impala jdbc 4 & 4.1 driver.   I tried with jks file too. It's throwing GSS initiate error.   Any help would be really appreciated.   Regards, Balaji     ... View more

@Tomas79 wrote: Update: try Toad for Hadoop. It supports Impala and Hive with Kerberos, unfortunately the combination LDAP+Kerberos is not supported (yet). Not supported, but where is a trick how to connect to Impala under Kerberos + LDAP in TOAD for Hadoop. 1) First, select in TOAD Impala + LDAP only (without Kerberos) and check connection. It fails, well. 2) Enable Kerberos in TOAD (LDAP auth options will become unalivable), but still actual. Check connection again. 3) Success! ... View more