[jira] [Work logged] (HIVE-24253) HMS and HS2 needs to support keystore/truststores types besides JKS by config

[ASF GitHub Bot (Jira)]

     [ 
https://issues.apache.org/jira/browse/HIVE-24253?focusedWorklogId=500888&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-500888
 ]

ASF GitHub Bot logged work on HIVE-24253:
-----------------------------------------

                Author: ASF GitHub Bot
            Created on: 14/Oct/20 23:53
            Start Date: 14/Oct/20 23:53
    Worklog Time Spent: 10m 
      Work Description: yongzhi commented on a change in pull request #1580:
URL: https://github.com/apache/hive/pull/1580#discussion_r505082133



##########
File path: 
service/src/java/org/apache/hive/service/cli/thrift/ThriftHttpCLIService.java
##########
@@ -136,6 +136,12 @@ public void onClosed(Connection connection) {
               ConfVars.HIVE_SERVER2_SSL_KEYSTORE_PATH.varname 
               + " Not configured for SSL connection");
         }
+        String keyStoreType = 
hiveConf.getVar(ConfVars.HIVE_SERVER2_SSL_KEYSTORE_TYPE).trim();
+        if (keyStoreType.isEmpty()) {
+          keyStoreType = KeyStore.getDefaultType();
+        }
+        String keyStoreAlgorithm = 
hiveConf.getVar(ConfVars.HIVE_SERVER2_SSL_KEYSTORE_ALGORITHM).trim();

Review comment:
       I will add




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 500888)
    Time Spent: 0.5h  (was: 20m)

> HMS and HS2 needs to support keystore/truststores types besides JKS by config
> -----------------------------------------------------------------------------
>
>                 Key: HIVE-24253
>                 URL: https://issues.apache.org/jira/browse/HIVE-24253
>             Project: Hive
>          Issue Type: Bug
>          Components: HiveServer2, Standalone Metastore
>            Reporter: Yongzhi Chen
>            Assignee: Yongzhi Chen
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> When HiveMetaStoreClient connects to HMS with enabled SSL, HMS should support 
> the Keystore type configurable and default to keystore type specified for the 
> JDK and not always use JKS. Same as HIVE-23958 for hive, HMS should support 
> to set additional keystore/truststore types used for different applications 
> like for FIPS crypto algorithms.
> Also, make hive keystore type and algorithm configurable.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)