[jira] [Resolved] (HIVE-27271) Client connection to HS2 fails when transportMode=http, ssl=true, sslTrustStore specified without trustStorePassword in the JDBC URL

[Zhihua Deng (Jira)]

     [ 
https://issues.apache.org/jira/browse/HIVE-27271?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Zhihua Deng resolved HIVE-27271.
--------------------------------
    Fix Version/s: 4.0.0
       Resolution: Fixed

Merged into master. Thank you [~VenuReddy] for the PR!

> Client connection to HS2 fails when transportMode=http, ssl=true, 
> sslTrustStore specified without trustStorePassword in the JDBC URL
> ------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: HIVE-27271
>                 URL: https://issues.apache.org/jira/browse/HIVE-27271
>             Project: Hive
>          Issue Type: Bug
>            Reporter: Venugopal Reddy K
>            Assignee: Venugopal Reddy K
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 4.0.0
>
>         Attachments: image-2023-04-19-14-27-23-665.png
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> *[Description]*
> Client connection to HS2 fails with transportMode as http, ssl is enabled, 
> sslTrustStore is specified without trustStorePassword in the JDBC URL. Where 
> as with transportMode as binary, connection is successful without 
> trustStorePassword in the connection URL.
> trustStorePassword is not a necessary parameter in connection URL. Connection 
> can be established without it.
> From the javadocs 
> [Link|https://docs.oracle.com/javase/7/docs/api/java/security/KeyStore.html#load(java.io.InputStream,%20char%5B%5D)]
>  A password may be given to unlock the keystore (e.g. the keystore resides on 
> a hardware token device), or to check the integrity of the keystore data. If 
> a password is not given for integrity checking, then integrity checking is 
> not performed.
>  
> At present, org.apache.hive.jdbc.HiveConnection#getHttpClient() access 
> sslTrustStorePassword null reference and fails as shown below:
> !image-2023-04-19-14-27-23-665.png!
>  
> *[Steps to reproduce]*
> {code:java}
> kvenureddy@192 apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin % bin/beeline -u 
> "jdbc:hive2://kvrtls-1.kvrtls.root.hwx.site:10001/default;ssl=true;sslTrustStore=/Users/kvenureddy/code/hive/cloudera/hive/packaging/target/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/cm-auto-global_truststore.jks;transportMode=http;httpPath=cliservice;"
> Error: Could not open client transport with JDBC Uri: 
> jdbc:hive2://kvrtls-1.kvrtls.root.hwx.site:10001/default;ssl=true;sslTrustStore=/Users/kvenureddy/code/hive/cloudera/hive/packaging/target/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/cm-auto-global_truststore.jks;transportMode=http;httpPath=cliservice;:
>  Could not create an https connection to 
> jdbc:hive2://kvrtls-1.kvrtls.root.hwx.site:10001/default;ssl=true;sslTrustStore=/Users/kvenureddy/code/hive/cloudera/hive/packaging/target/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin/cm-auto-global_truststore.jks;transportMode=http;httpPath=cliservice;.
>  null (state=08S01,code=0)
> kvenureddy@192 apache-hive-3.1.3000.2023.0.15.0-SNAPSHOT-bin % 
> {code}
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)