[
https://issues.apache.org/jira/browse/HIVE-26425?focusedWorklogId=795153&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-795153
]
ASF GitHub Bot logged work on HIVE-26425:
-----------------------------------------
Author: ASF GitHub Bot
Created on: 26/Jul/22 07:22
Start Date: 26/Jul/22 07:22
Worklog Time Spent: 10m
Work Description: hsnusonic commented on code in PR #3473:
URL: https://github.com/apache/hive/pull/3473#discussion_r929612792
##########
common/src/java/org/apache/hadoop/hive/conf/HiveConf.java:
##########
@@ -4250,6 +4250,9 @@ public static enum ConfVars {
HIVE_SERVER2_AUTHENTICATION_JWT_JWKS_URL("hive.server2.authentication.jwt.jwks.url",
"",
"URL of the file from where URLBasedJWKSProvider will try to load JWKS
if JWT is enabled for the\n" +
"authentication mode."),
+
HIVE_SERVER2_AUTHENTICATION_JWT_JWKS_SKIP_SSL_CERT("hive.server2.authentication.jwt.jwks.skip.ssl.cert",
false,
Review Comment:
I feel `hive.in.test` is used in unit tests only and some server behaviors
are changed. Won't `hive.in.test` interfere other functionalities when we spin
up a cluster?
Issue Time Tracking
-------------------
Worklog Id: (was: 795153)
Time Spent: 50m (was: 40m)
> Skip SSL cert verification for downloading JWKS in HS2
> ------------------------------------------------------
>
> Key: HIVE-26425
> URL: https://issues.apache.org/jira/browse/HIVE-26425
> Project: Hive
> Issue Type: New Feature
> Reporter: Yu-Wen Lai
> Assignee: Yu-Wen Lai
> Priority: Major
> Labels: pull-request-available
> Time Spent: 50m
> Remaining Estimate: 0h
>
> In a dev/test/staging environment, we would probably use letsencrypt staging
> certificate for a token generation service. However, its certificate is not
> accepted by JVM by default. To ease JWT testing in those kind of
> environments, we can introduce a property to disable the certificate
> verification just for JWKS downloads.
> Ref: https://letsencrypt.org/docs/staging-environment/
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
