[
https://issues.apache.org/jira/browse/HIVE-23075?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17066660#comment-17066660
]
Oleksiy Sayankin commented on HIVE-23075:
-----------------------------------------
*FIXED*
*SOLUTION*
*1.*
Add new property {{hive.ssl.protocol.version}} with default value {{TLSv1.2}}.
This is SSL protocol versions for all Hive Servers. This property is set in
{{hive-site.xml}} and requires Hive services to be restarted to make the change
take effect.
*2.*
Add logging with SSL version. See example in HiveServer2:
{code}
2020-03-23T14:24:57,907 INFO [main] http.HttpServer: Current SSL protocol
version is TLSv1.2
2020-03-23T14:24:58,008 INFO [Thread-8] auth.HiveAuthUtils: SSL Server Socket
Enabled Protocols: [SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2]
2020-03-23T14:24:58,008 INFO [Thread-8] thrift.ThriftCLIService: Current SSL
protocol version is TLSv1.2
2020-03-23T14:24:58,119 INFO [main] server.AbstractConnector: Started
ServerConnector@71978f46{SSL,[ssl, http/1.1]}{0.0.0.0:10002}
{code}
In webhcat:
{code}
INFO | 23 Mar 2020 14:25:03,363 | org.apache.hive.hcatalog.templeton.Main |
Using SSL for templeton.
INFO | 23 Mar 2020 14:25:03,641 | org.apache.hive.hcatalog.templeton.Main |
Current SSL protocol version is TLSv1.2
{code}
*EFFECTS*
1. JDBC SSL connection
2. WebHCat SSL conection
> Add property for manual configuration of SSL version
> ----------------------------------------------------
>
> Key: HIVE-23075
> URL: https://issues.apache.org/jira/browse/HIVE-23075
> Project: Hive
> Issue Type: Improvement
> Components: Security
> Reporter: Oleksiy Sayankin
> Assignee: Oleksiy Sayankin
> Priority: Major
> Attachments: HIVE-23075.1.patch
>
> Original Estimate: 48h
> Remaining Estimate: 48h
>
> Add property for manual configuration of SSL version
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
