To disable SSLv3 for old Hue version, do the following: 1.) open file "/usr/lib/hue/desktop/core/src/desktop/lib/wsgiserver.py" 2.) add the following line, after line no. 1669: ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_SSLv3) 3.) restart Hue To check if Hue replies on SSLv3 or not you can use this one: openssl s_client -connect <hue-server-name>:<hue-port> -ssl3 Here the corresponding GitHub patch, thanks to @cdraper: https://github.com/cloudera/hue/commit/0060abf9aae0049c082c9948658eea7df848ab6e ... View more

In Ambari the Hiveserver2 is shown as "green", but there is an alert indicating problem with the Hiverserver2 process. This is due to a known bug in HDP2.2.3/2.2.4, that at Hive startup time no Kerberos ticket will be grabbed. To get rid of that alert, login to the Hiveserver node, become user hive and execute a "kinit -kt /etc/security/keytabs/hive.service.keytab hive/<hiveserver>@<REALM>" (if you keytab is in that default directory) to ensure the hive user got a valid Kerberos ticket. Afterwards you can restart Hiveserver in Ambari and the alert will disappear (Thanks to @dprichici for highlighting this) Regards, Gerd ... View more