python - unable to connect to TLS1.2 enabled HiveServer2

Question

I have HiveServer2 with SSL (minimum TLS1.2 enabled only) and LDAP enabled, no kerberos enabled. hive.server2.transport.mode = binary. Beeline connections work fine like: beeline -u jdbc:hive2://domain:10000/default\;ssl=true\;sslTrustStore=/home/user/query.jks\;trustStorePassword=blah -n user -p pass -e "SELECT * FROM table LIMIT 3"

As expected, via beeline not passing the right truststore details or wrong ldap credentials means connection does not work.

I want to use a python library to connect to HiveServer2 (specifically this Hive setup with TLS1.2).

I have looked at several libraries like impyla, pyhive, pyhs2, sqlalchemy but none are working for me. I see several issues raised by others:

There are many examples online of connecting without a TLS1.2 protected HiveServer2 instance.

`>>> from impala.dbapi import connect

conn = connect(host='domain', port=10000, use_ssl=True, auth_mechanism='LDAP', user='user', password='pass', ca_cert='/home/user/query.pem') Traceback (most recent call last): File "", line 1, in File "/usr/local/lib/python2.7/site-packages/impala/dbapi.py", line 147, in connect auth_mechanism=auth_mechanism) File "/usr/local/lib/python2.7/site-packages/impala/hiveserver2.py", line 658, in connect transport.open() File "/usr/local/lib/python2.7/site-packages/thrift_sasl/init.py", line 68, in open self._trans.open() File "/usr/local/lib64/python2.7/site-packages/thrift/transport/TSSLSocket.py", line 118, in open message=message) thrift.transport.TTransport.TTransportException: Could not connect to domain:10000: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:726)`

python - unable to connect to TLS1.2 enabled HiveServer2

Answers (1)

Related Questions