Hey Joze, Ldaps is a different port like 636 or something. Default port does not work as far as I remember.
Could you check if something on these lines ? Thanks, Anurag Tangri Sent from my iPhone > On Jun 15, 2016, at 3:01 PM, Jose Rozanec <jose.roza...@mercadolibre.com> > wrote: > > Hi, > > We upgraded to 2.1.0, but we still cannot get it working: we get "LDAP: error > code 34 - invalid DN". We double-checked the DN configuration, and the ldap > team agrees is ok. > We then configured SSL parameters as well (hive.server2.use.SSL, > hive.server2.keystore.path, hive.server2.keystore.password), so that Hive > would know where the truststore is located and its password, but in that case > we get the following error: "SSLException: Unrecognized SSL message, > plaintext connection". Our LDAP server does not expose the ssl certificate on > the default port (443), but in the one LDAPS is configured. May that cause > some trouble? > > We would value any insight or guidance from those who already worked on this. > > Thanks! > > Joze. > > > > > > 2016-06-13 9:45 GMT-03:00 Jose Rozanec <jose.roza...@mercadolibre.com>: >> Thank you for the quick response. Will try upgrading to version 2.1.0 >> >> Thanks! >> >> 2016-06-13 4:34 GMT-03:00 Oleksiy S <osayankin.superu...@gmail.com>: >>>> Hello, >>>> >>>> We are working on a Hive 2.0.0 cluster, to configure LDAPS authentication, >>>> but I get some errors preventing a successful authentication. >>>> Does anyone have some insight on how to solve this? >>>> >>>> The problem >>>> The errors we get are (first is most frequent): >>>> - sun.security.provider.certpath.SunCertPathBuilderException: unable to >>>> find valid certification path to requested target >>>> - javax.naming.InvalidNameException: [LDAP: error code 34 - invalid DN] >>>> >>>> Our config >>>> We configure the certificate obtaining a jssecacerts file and overriding >>>> Java's default at master, as specified in this post. >>>> >>>> hive-site.xml has the following properties: >>>> <property> >>>> <name>hive.server2.authentication</name> >>>> <value>LDAP</value> >>>> </property> >>>> <property> >>>> <name>hive.server2.authentication.ldap.url</name> >>>> <value>ldaps://ip:port</value> >>>> </property> >>>> <property> >>>> <name>hive.server2.authentication.ldap.baseDN</name> >>>> <value>dc=net,dc=com</value> >>>> </property> >>>> >>>> Thanks! >>>> >>>> Joze. >>> >>> >>> This issue is fixed here https://issues.apache.org/jira/browse/HIVE-12885 >>> >>>> On Fri, Jun 10, 2016 at 10:41 PM, Jose Rozanec >>>> <jose.roza...@mercadolibre.com> wrote: >>>> Hello, >>>> >>>> We are working on a Hive 2.0.0 cluster, to configure LDAPS authentication, >>>> but I get some errors preventing a successful authentication. >>>> Does anyone have some insight on how to solve this? >>>> >>>> The problem >>>> The errors we get are (first is most frequent): >>>> - sun.security.provider.certpath.SunCertPathBuilderException: unable to >>>> find valid certification path to requested target >>>> - javax.naming.InvalidNameException: [LDAP: error code 34 - invalid DN] >>>> >>>> Our config >>>> We configure the certificate obtaining a jssecacerts file and overriding >>>> Java's default at master, as specified in this post. >>>> >>>> hive-site.xml has the following properties: >>>> <property> >>>> <name>hive.server2.authentication</name> >>>> <value>LDAP</value> >>>> </property> >>>> <property> >>>> <name>hive.server2.authentication.ldap.url</name> >>>> <value>ldaps://ip:port</value> >>>> </property> >>>> <property> >>>> <name>hive.server2.authentication.ldap.baseDN</name> >>>> <value>dc=net,dc=com</value> >>>> </property> >>>> >>>> Thanks! >>>> >>>> Joze. >>> >>> >>> >>> -- >>> Oleksiy >> >
