[jira] [Work logged] (HIVE-24253) HMS and HS2 needs to support keystore/truststores types besides JKS by config

Thu, 15 Oct 2020 12:05:11 -0700 


     [ 
https://issues.apache.org/jira/browse/HIVE-24253?focusedWorklogId=501243&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-501243
 ]

ASF GitHub Bot logged work on HIVE-24253:
-----------------------------------------

                Author: ASF GitHub Bot
            Created on: 15/Oct/20 19:04
            Start Date: 15/Oct/20 19:04
    Worklog Time Spent: 10m 
      Work Description: nrg4878 commented on a change in pull request #1580:
URL: https://github.com/apache/hive/pull/1580#discussion_r505775031



##########
File path: jdbc/src/java/org/apache/hive/jdbc/Utils.java
##########
@@ -105,6 +105,8 @@
     public static final String USE_SSL = "ssl";
     public static final String SSL_TRUST_STORE = "sslTrustStore";
     public static final String SSL_TRUST_STORE_PASSWORD = "trustStorePassword";
+    public static final String SSL_TRUST_STORE_TYPE = "trustStoreType";

Review comment:
       So now instead of defaulting to JKS, the client always has to provide 
"trustStoreType=JKS" in the connection params? Wouldnt this break backward 
compatibility with existing applications ?




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


Issue Time Tracking
-------------------

    Worklog Id:     (was: 501243)
    Time Spent: 1h 10m  (was: 1h)

> HMS and HS2 needs to support keystore/truststores types besides JKS by config
> -----------------------------------------------------------------------------
>
>                 Key: HIVE-24253
>                 URL: https://issues.apache.org/jira/browse/HIVE-24253
>             Project: Hive
>          Issue Type: Bug
>          Components: HiveServer2, Standalone Metastore
>            Reporter: Yongzhi Chen
>            Assignee: Yongzhi Chen
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 1h 10m
>  Remaining Estimate: 0h
>
> When HiveMetaStoreClient connects to HMS with enabled SSL, HMS should support 
> the Keystore type configurable and default to keystore type specified for the 
> JDK and not always use JKS. Same as HIVE-23958 for hive, HMS should support 
> to set additional keystore/truststore types used for different applications 
> like for FIPS crypto algorithms.
> Also, make hive keystore type and algorithm configurable.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to