nmukerje · June 18, 2018 19:11
diff --git a/hive_ssl b/hive_ssl
 >> Created the key 

 keytool -genkey -alias hiveserver2 -keyalg RSA -keystore /tmp/hs2keystore.jks -keysize 2048

 Enter keystore password: XXXXXXXX
 Re-enter new password: XXXXXXXX
 What is your first and last name?
  [Unknown]:  localhost
 What is the name of your organizational unit?
  [Unknown]:  myorg
 What is the name of your organization?
  [Unknown]:  myorg
 What is the name of your City or Locality?
  [Unknown]:  Herndon
 What is the name of your State or Province?
  [Unknown]:  VA
 What is the two-letter country code for this unit?
  [Unknown]:  US
 Is CN=localhost, OU=myorg, O=myorg, L=Herndon, ST=VA, C=US correct?
  [no]:  yes

 Enter key password for <hiveserver2>
 	(RETURN if same as keystore password):

 Warning:
 The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore /tmp/hs5keystore.jks -destkeystore /tmp/hs5keystore.jks -deststoretype pkcs12".


 >> Later exported the certificate 

 keytool -export -alias hiveserver2 -file hiveserver2.crt -keystore /tmp/hs2keystore.jks. 


 >> Imported above certificated into truststore 

 keytool -import -trustcacerts -alias hiveserver2 -file hiveserver2.crt -keystore /tmp/truststore.jks

 Edited /etc/hive/conf/hive-site.xml 

 <property>
  <name>hive.server2.use.SSL</name>
  <value>true</value>
 </property>
   
 <property>
  <name>hive.server2.keystore.path</name>
  <value>/tmp/hs2keystore.jks</value>
 </property>
  
 <property>
  <name>hive.server2.keystore.password</name>
  <value>xxxxxx</value>
 </property>

 >> Restarted the hive servers, 
 sudo stop hive-server2 
 sudo stop hive-hcatalog-server 
 sudo start hive-hcatalog-server 
 sudo start hive-server2 

 >> Invoked beeline 
 >> beeline 
 >> beeline> !connect jdbc:hive2://localhost:10000/default;ssl=true;sslTrustStore=/tmp/truststore.jks;trustStorePassword=XXXXXX
 Connecting to jdbc:hive2://localhost:10000/default;ssl=true;sslTrustStore=/tmp/truststore.jks;trustStorePassword=1234567
 Enter username for jdbc:hive2://localhost:10000/default: hive
 Enter password for jdbc:hive2://localhost:10000/default: ****************.                               
 Connected to: Apache Hive (version 2.3.2-amzn-2)
 Driver: Hive JDBC (version 2.3.2-amzn-2)
	>> Created the key

	keytool -genkey -alias hiveserver2 -keyalg RSA -keystore /tmp/hs2keystore.jks -keysize 2048

	Enter keystore password: XXXXXXXX
	Re-enter new password: XXXXXXXX
	What is your first and last name?
	[Unknown]: localhost
	What is the name of your organizational unit?
	[Unknown]: myorg
	What is the name of your organization?
	[Unknown]: myorg
	What is the name of your City or Locality?
	[Unknown]: Herndon
	What is the name of your State or Province?
	[Unknown]: VA
	What is the two-letter country code for this unit?
	[Unknown]: US
	Is CN=localhost, OU=myorg, O=myorg, L=Herndon, ST=VA, C=US correct?
	[no]: yes

	Enter key password for <hiveserver2>
	(RETURN if same as keystore password):

	Warning:
	The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore /tmp/hs5keystore.jks -destkeystore /tmp/hs5keystore.jks -deststoretype pkcs12".


	>> Later exported the certificate

	keytool -export -alias hiveserver2 -file hiveserver2.crt -keystore /tmp/hs2keystore.jks.


	>> Imported above certificated into truststore

	keytool -import -trustcacerts -alias hiveserver2 -file hiveserver2.crt -keystore /tmp/truststore.jks

	Edited /etc/hive/conf/hive-site.xml

	<property>
	<name>hive.server2.use.SSL</name>
	<value>true</value>
	</property>

	<property>
	<name>hive.server2.keystore.path</name>
	<value>/tmp/hs2keystore.jks</value>
	</property>

	<property>
	<name>hive.server2.keystore.password</name>
	<value>xxxxxx</value>
	</property>

	>> Restarted the hive servers,
	sudo stop hive-server2
	sudo stop hive-hcatalog-server
	sudo start hive-hcatalog-server
	sudo start hive-server2

	>> Invoked beeline
	>> beeline
	>> beeline> !connect jdbc:hive2://localhost:10000/default;ssl=true;sslTrustStore=/tmp/truststore.jks;trustStorePassword=XXXXXX
	Connecting to jdbc:hive2://localhost:10000/default;ssl=true;sslTrustStore=/tmp/truststore.jks;trustStorePassword=1234567
	Enter username for jdbc:hive2://localhost:10000/default: hive
	Enter password for jdbc:hive2://localhost:10000/default: ****************.
	Connected to: Apache Hive (version 2.3.2-amzn-2)
	Driver: Hive JDBC (version 2.3.2-amzn-2)