[HIVE-21364] Reconsider the value of the "metastore.dbaccess.ssl.use.SSL" property - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Open
Priority: Minor
Resolution: Unresolved
Affects Version/s: 4.0.0
Fix Version/s: None
Component/s: Metastore, Standalone Metastore
Labels:
None

Description

Right now, the "metastore.dbaccess.ssl.use.SSL" (Use SSL) property is opaque and not useful. It does not provide any value, beyond allowing the "metastore.dbaccess.ssl.truststore.*" (Truststore) properties to be used.

We should reconsider the use of this property, and whether or not we should simply remove it, or provide more functionality. At the very least, we should prevent the "Truststore" properties from having to use the "Use SSL" to be effective. It just adds an extra configuration with very little value.

Some ideas on how to improve the "Use SSL" property (and their challenges) include:

Automatically append the database-specific SSL flag to the JDBC String (javax.jdo.option.ConnectionURL). E.g. append "sslmode=verify" for a MySQL database.
- Challenge: We would have to maintain database version and type compatibility with the JDBC parameters. They change based on version and type. Would be difficult to constantly update.
Remove the property, and allow the user to configure the "Truststore" property and JDBC URL string at their own accord.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Morio Ramdenbourg

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 28/Feb/19 22:01

Updated:: 28/Feb/19 22:04