Morio Ramdenbourg created HIVE-21364:
----------------------------------------
Summary: Reconsider the value of the
"metastore.dbaccess.ssl.use.SSL" property
Key: HIVE-21364
URL: https://issues.apache.org/jira/browse/HIVE-21364
Project: Hive
Issue Type: Improvement
Components: Metastore, Standalone Metastore
Affects Versions: 4.0.0
Reporter: Morio Ramdenbourg
Right now, the "metastore.dbaccess.ssl.use.SSL" (Use SSL) property is opaque
and not useful. It does not provide any value, beyond allowing the
"metastore.dbaccess.ssl.truststore.*" (Truststore) properties to be used.
We should reconsider the use of this property, and whether or not we should
simply remove it, or provide more functionality. At the very least, we should
prevent the "Truststore" properties from having to use the "Use SSL" to be
effective. It just adds an extra configuration with very little value.
Some ideas on how to improve the "Use SSL" property (and their challenges)
include:
* Automatically append the database-specific SSL flag to the JDBC String
(javax.jdo.option.ConnectionURL). E.g. append "sslmode=verify" for a MySQL
database.
** Challenge: We would have to maintain database version and type
compatibility with the JDBC parameters. They change based on version and type.
Would be difficult to constantly update.
* Remove the property, and allow the user to configure the "Truststore"
property and JDBC URL string at their own accord.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
