Complete the following steps to configure SSL for Impala:
Configure encryption in Hive. See Hive Encryption.
Add the following start-up options for Impala Server to
Full path to the server certificate on the local file system.
Full path to the server private key on the local file system.
For more information about configuring Impala start-up options, see Additional Impala Configuration Options.
When you add the SSL flags to Impala start-up options, Impala listens for HiveServer2 on the SSL-secured ports. A client program usually has equivalent options to verify a connection to the correct server.
After you enable SSL, you can issue the following options when you start the impala-shell:
|Enables SSL for the impala-shell.|
|Local path name that points to the third-party CA certificate, or to a copy of the server certificate for self-signed server certificates. If --ca_cert is not set, impala-shell enables SSL, but does not validate the server certificate. This is useful for connecting to an Impala node that you know is only running over SSL when a copy of the certificate is not available.|
For more information about the impala-shell, refer to Impala-Shell and Command Line Options.