Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-21364

Reconsider the value of the "metastore.dbaccess.ssl.use.SSL" property

    XMLWordPrintableJSON

    Details

    • Type: Task
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 4.0.0
    • Fix Version/s: None
    • Labels:
      None

      Description

      Right now, the "metastore.dbaccess.ssl.use.SSL" (Use SSL) property is opaque and not useful. It does not provide any value, beyond allowing the "metastore.dbaccess.ssl.truststore.*" (Truststore) properties to be used.

      We should reconsider the use of this property, and whether or not we should simply remove it, or provide more functionality. At the very least, we should prevent the "Truststore" properties from having to use the "Use SSL" to be effective. It just adds an extra configuration with very little value.

      Some ideas on how to improve the "Use SSL" property (and their challenges) include:

      • Automatically append the database-specific SSL flag to the JDBC String (javax.jdo.option.ConnectionURL). E.g. append "sslmode=verify" for a MySQL database.
        • Challenge:¬†We would have to maintain database version and type compatibility with the JDBC parameters. They change based on version and type. Would be difficult to constantly update.
      • Remove the property, and allow the user to configure the "Truststore" property and JDBC URL string at their own accord.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              mramdenbourg Morio Ramdenbourg
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: