Configuring Wire Encryption
Also available as:
PDF
loading table of contents...

Set up SSL with self-signed certificates

Use the following steps to create and verify self-signed SSL certificates for use with HiveServer2.

  1. List the keystore entries to verify that the certificate was added. Note that a keystore can contain multiple such certificates: keytool -list -keystore keystore.jks.
  2. Export this certificate from keystore.jks to a certificate file: keytool -export -alias example.com -file example.com.crt -keystore keystore.jks.
  3. Add this certificate to the client's truststore to establish trust: keytool -import -trustcacerts -alias example.com -file example.com.crt -keystore truststore.jks.
  4. Verify that the certificate exists in truststore.jks: keytool -list -keystore truststore.jks.
  5. Then start HiveServer2, and try to connect with beeline using: jdbc:hive2://<host>:<port>/<database>;ssl=true;sslTrustStore=<path-to-truststore>;trustStorePassword=<truststore-password>.