MapR 5.0 Documentation : Enabling SSL Encryption Between Hue and Hive

The following procedure explains how to enable SSL encryption between Hue and Hive. This procedure works on a secure cluster. 

  1. Start Hue:

    maprcli node services -name hue -action start -nodes <node name>

    When you start or restart Hue on a secure cluster, keys are generated at $HUE_HOME. If generated keystore files already exist in that location, the script does nothing. The script is located here: $HUE_HOME/bin/, and it runs with a set of default parameters, which should not be changed.


  2. Add the following SSL configuration information to the hue.ini file (under the beeswax section):

    # SSL communication enabled for this server.
    # Path to certificate authority certificates.
    ## cacerts=/etc/hue/cacerts.pem
    # Path to the private key file.
    # Path to the public certificate file.
    # Choose whether Hue should validate certificates received from the server.
  3. Make sure that no custom authentication mechanism is turned on and configure the hive-site.xml with the following properties:

          <description>enable/disable SSL communication</description>
          <description>path to keystore file</description>
          <description>keystore password</description>
  4. Restart Hue, Hive Metastore, and HiveServer2.

    • To restart Hue:

      maprcli node services -name hue -action start -nodes <hostname>
    • To restart Hive Metastore:

      maprcli node services -name hivemeta -action start -nodes <space delimited list of nodes>
    • To restart HiveServer2:

      maprcli node services -name hs2 -action start -nodes <space delimited list of nodes>