search

lenchv / hive-driver

Driver for connection to Apache Hive via Thrift API
MIT License
40 stars 9 forks source link

how to provide certs via sslTrustStore url param? #18

Closed ntallapa12 closed 4 years ago

ntallapa12 commented 4 years ago

We are currently using encrypted cluster with below 2 params to the connection URL ssl=true;sslTrustStore=/usr/java/latest/jre/lib/security/jssecacerts

How do I pass these two values in hive-driver's client connection?

lenchv commented 4 years ago

Hi @ntallapa12 !

First, you have to extract certs from your java keystore: /usr/java/latest/jre/lib/security/jssecacerts

To do this, you can use npm module jks-js

npm install jks-js --save
const fs = require('fs');
const jks = require('jks-js');
const keystore = jks.toPem(
    fs.readFileSync('/usr/java/latest/jre/lib/security/jssecacerts'),
    'passphrase'
);
const { key, cert } = keystore["alias"];

// And then you can connect with extracted cert and key:

const hive = require('hive-driver');

return client.connect({
    host: 'hostname',
    port: 10000,
    options: {
        ssl: true,
        cert: cert,
        key: key,
    }
 }, new hive.connections.TcpConnection(), new hive.auth.NoSaslAuthentication());

So, you should know the passphrase of your keystore (in case it is encrypted) and alias name (keystore["alias"])

Here you may find an example of connection: link

Please, let me know if it works for you.

ntallapa12 commented 4 years ago

awesome, thank you for quick response. I will try it and update here.

lenchv commented 4 years ago

@ntallapa12 have you had a chance to try the proposed solution? Did it help?

ntallapa12 commented 4 years ago

Not yet, will be doing it in couple of days mostly by eod 04/02.

Will update the ticket immediately after it.

Thanks,

On Mon, Mar 30, 2020 at 8:00 AM Volodymyr Liench notifications@github.com wrote:

@ntallapa12 https://github.com/ntallapa12 have you had a chance to try the proposed solution? Did it help?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/lenchv/hive-driver/issues/18#issuecomment-605983916, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACIVKBSO2SGVULC234LC2QTRKCJVXANCNFSM4LVKPN6A .

-- Thanks, Niranjan

ntallapa12 commented 4 years ago

This is working good, closed it