Are SSL and Kerberos compatible to each other on Hive Server?

Question

My Hive server is SSL as well as Kerberos enabled. But when I try to connect to hiverserver2 via beeline using following command:

*!connect jdbc:hive2://**hostnameOfServer**:10000/hive;ssl=true;sslTrustStore=**keystorePath**;trustStorePassword=**passwordfor keystore**;principal=**Kerberos hive principal** **database username** **database password** org.apache.hive.jdbc.HiveDriver*

I get following error :

Error: Could not open client transport with JDBC Uri: jdbc:hive2://hostnameOfServer:10000/hive;ssl=true;sslTrustStore=keystorePath;trustStorePassword=passwordfor keystore;principal=Kerberos hive principal database username database password org.apache.hive.jdbc.HiveDriver: Invalid status 21 (state=08S01,code=0)

Also I tried using following command on beeline:

jdbc:hive2://**hostnameOfServer**:10000/hive;principal=**Kerberos hive principal**?transportMode=https;httpPath=cliservice;auth=kerberos;sasl.qop=auth.

But got same error.

Are ssl and kerberos compatible to each other?

Side note: with Kerberos authentication, user and password args are ignored. You must either (a) have a valid Kerberos ticket in the default ticket cache or (b) provide the raw JAAS config to define how to create a ticket automatically (via Java system properties). — Samson Scharfrichter

Kumar Kumar · Accepted Answer · 2017-03-06T11:23:56

Yes it is compatible from version Hive-2.0.0. Check the below JIRA task for more information

https://issues.apache.org/jira/browse/HIVE-14019

Are SSL and Kerberos compatible to each other on Hive Server?

1 Answers