Configure HiveServer2 Clients to use Encryption

Based on the encryption method, the requirements for clients to connect to HiveServer2 differ.

  • When HiveServer2 uses encryption with MapR-SASL or Kerberos authentication, the client must specify the same sasl qop value that is set for HiveServer2 (auth-conf is the default, recommended option).
  • When HiveServer2 uses SSL encryption without authentication, the client must specify a truststore. The ssl_truststore file must be copied from the cluster to the client. Specifying a truststore password is optional.

For details, see Connecting to Hive.