From issues-return-194781-archive-asf-public=cust-asf.ponee.io@hive.apache.org Tue Jun 30 16:49:03 2020 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [207.244.88.153]) by mx-eu-01.ponee.io (Postfix) with SMTP id 8BD88180665 for ; Tue, 30 Jun 2020 18:49:03 +0200 (CEST) Received: (qmail 61234 invoked by uid 500); 30 Jun 2020 16:49:02 -0000 Mailing-List: contact issues-help@hive.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@hive.apache.org Delivered-To: mailing list issues@hive.apache.org Received: (qmail 60989 invoked by uid 99); 30 Jun 2020 16:49:01 -0000 Received: from mailrelay1-us-west.apache.org (HELO mailrelay1-us-west.apache.org) (209.188.14.139) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 30 Jun 2020 16:49:01 +0000 Received: from jira-he-de.apache.org (static.172.67.40.188.clients.your-server.de [188.40.67.172]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id CD825414F6 for ; Tue, 30 Jun 2020 16:49:00 +0000 (UTC) Received: from jira-he-de.apache.org (localhost.localdomain [127.0.0.1]) by jira-he-de.apache.org (ASF Mail Server at jira-he-de.apache.org) with ESMTP id 2CD3D780948 for ; Tue, 30 Jun 2020 16:49:00 +0000 (UTC) Date: Tue, 30 Jun 2020 16:49:00 +0000 (UTC) From: "Yan Cheng (Jira)" To: issues@hive.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (HIVE-20606) hive3.1 beeline to dns complaining about ssl on ip MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HIVE-20606?page=3Dcom.atlassia= n.jira.plugin.system.issuetabpanels:all-tabpanel ] Yan Cheng updated HIVE-20606: ----------------------------- Affects Version/s: 3.1.2 > hive3.1 beeline to dns complaining about ssl on ip > -------------------------------------------------- > > Key: HIVE-20606 > URL: https://issues.apache.org/jira/browse/HIVE-20606 > Project: Hive > Issue Type: Bug > Components: Beeline, HiveServer2 > Affects Versions: 3.1.0, 3.1.2 > Reporter: t oo > Priority: Blocker > > Why is beeline complaining about ip when i use dns in the connection? I h= ave a valid cert/jks on the dns. Exact same beeline worked when running on = hive2.3.2 but this is hive3.1.0 > [ec2-user@ip-10-1-2-3 logs]$ $HIVE_HOME/bin/beeline > SLF4J: Class path contains multiple SLF4J bindings. > SLF4J: Found binding in [jar:file:/usr/lib/apache-hive-3.1.0-bin/lib/log= 4j-slf4j-impl-2.10.0.jar!/org/slf4j/impl/StaticLoggerBinder.class] > SLF4J: Found binding in [jar:file:/usr/lib/hadoop-2.7.5/share/hadoop/com= mon/lib/slf4j-log4j12-1.7.10.jar!/org/slf4j/impl/StaticLoggerBinder.class] > SLF4J: See [http://www.slf4j.org/codes.html#multiple_bindings] for an ex= planation. > SLF4J: Actual binding is of type [org.apache.logging.slf4j.Log4jLoggerFa= ctory] > Beeline version 3.1.0 by Apache Hive > beeline> !connect jdbc:hive2://mydns:10000/default;ssl=3Dtrue;sslTrustSt= ore=3D/home/ec2-user/spark_home/conf/app-trust-nonprd.jks;trustStorePasswor= d=3Dchangeit userhere passhere > Connecting to jdbc:hive2://mydns:10000/default;ssl=3Dtrue;sslTrustStore= =3D/home/ec2-user/spark_home/conf/app-trust-nonprd.jks;trustStorePassword= =3Dchangeit > 18/09/20 04:49:06 [main]: WARN jdbc.HiveConnection: Failed to connect to= mydns:10000 > Unknown HS2 problem when communicating with Thrift server. > Error: Could not open client transport with JDBC Uri: jdbc:hive2://mydns= :10000/default;ssl=3Dtrue;sslTrustStore=3D/home/ec2-user/spark_home/conf/ap= p-trust-nonprd.jks;trustStorePassword=3Dchangeit: javax.net.ssl.SSLHandshak= eException: java.security.cert.CertificateException: No subject alternative= names matching IP address 10.1.2.3 found (state=3D08S01,code=3D0) > beeline> > =C2=A0 > =C2=A0 > =C2=A0 > =C2=A0 > =C2=A0 > =C2=A0 > =C2=A0 > =C2=A0 > =C2=A0 > =C2=A0 > hiveserver2 logs: > 2018-09-20T04:50:16,245 ERROR [HiveServer2-Handler-Pool: Thread-79] serve= r.TThreadPoolServer: Error occurred during processing of message. > java.lang.RuntimeException: org.apache.thrift.transport.TTransportExcepti= on: javax.net.ssl.SSLHandshakeException: Remote host closed connection duri= ng handshake > at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport= (TSaslServerTransport.java:219) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadP= oolServer.java:269) ~[hive-exec-3.1.0.jar:3.1.0] > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.= java:1149) ~[?:1.8.0_181] > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor= .java:624) ~[?:1.8.0_181] > at java.lang.Thread.run(Thread.java:748) [?:1.8.0_181] > Caused by: org.apache.thrift.transport.TTransportException: javax.net.ssl= .SSLHandshakeException: Remote host closed connection during handshake > at org.apache.thrift.transport.TIOStreamTransport.read(TIOStreamTranspor= t.java:129) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TTransport.readAll(TTransport.java:86) ~[= hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslTransport.receiveSaslMessage(TSaslTr= ansport.java:178) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslServerTransport.handleSaslStartMessa= ge(TSaslServerTransport.java:125) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:2= 71) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTran= sport.java:41) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport= (TSaslServerTransport.java:216) ~[hive-exec-3.1.0.jar:3.1.0] > ... 4 more > Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connec= tion during handshake > at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1002) ~[= ?:1.8.0_181] > at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.= java:1385) ~[?:1.8.0_181] > at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:938)= ~[?:1.8.0_181] > at sun.security.ssl.AppInputStream.read(AppInputStream.java:105) ~[?:1.8= .0_181] > at java.io.BufferedInputStream.fill(BufferedInputStream.java:246) ~[?:1.= 8.0_181] > at java.io.BufferedInputStream.read1(BufferedInputStream.java:286) ~[?:1= .8.0_181] > at java.io.BufferedInputStream.read(BufferedInputStream.java:345) ~[?:1.= 8.0_181] > at org.apache.thrift.transport.TIOStreamTransport.read(TIOStreamTranspor= t.java:127) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TTransport.readAll(TTransport.java:86) ~[= hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslTransport.receiveSaslMessage(TSaslTr= ansport.java:178) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslServerTransport.handleSaslStartMessa= ge(TSaslServerTransport.java:125) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:2= 71) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTran= sport.java:41) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport= (TSaslServerTransport.java:216) ~[hive-exec-3.1.0.jar:3.1.0] > ... 4 more > Caused by: java.io.EOFException: SSL peer shut down incorrectly > at sun.security.ssl.InputRecord.read(InputRecord.java:505) ~[?:1.8.0_181= ] > at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:983) ~[?= :1.8.0_181] > at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.= java:1385) ~[?:1.8.0_181] > at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:938)= ~[?:1.8.0_181] > at sun.security.ssl.AppInputStream.read(AppInputStream.java:105) ~[?:1.8= .0_181] > at java.io.BufferedInputStream.fill(BufferedInputStream.java:246) ~[?:1.= 8.0_181] > at java.io.BufferedInputStream.read1(BufferedInputStream.java:286) ~[?:1= .8.0_181] > at java.io.BufferedInputStream.read(BufferedInputStream.java:345) ~[?:1.= 8.0_181] > at org.apache.thrift.transport.TIOStreamTransport.read(TIOStreamTranspor= t.java:127) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TTransport.readAll(TTransport.java:86) ~[= hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslTransport.receiveSaslMessage(TSaslTr= ansport.java:178) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslServerTransport.handleSaslStartMessa= ge(TSaslServerTransport.java:125) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:2= 71) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTran= sport.java:41) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport= (TSaslServerTransport.java:216) ~[hive-exec-3.1.0.jar:3.1.0] > ... 4 more > 2018-09-20T04:50:19,075 ERROR [HiveServer2-Handler-Pool: Thread-79] serve= r.TThreadPoolServer: Error occurred during processing of message. > java.lang.RuntimeException: org.apache.thrift.transport.TTransportExcepti= on: javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_= unknown > at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport= (TSaslServerTransport.java:219) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadP= oolServer.java:269) ~[hive-exec-3.1.0.jar:3.1.0] > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.= java:1149) ~[?:1.8.0_181] > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor= .java:624) ~[?:1.8.0_181] > at java.lang.Thread.run(Thread.java:748) [?:1.8.0_181] > Caused by: org.apache.thrift.transport.TTransportException: javax.net.ssl= .SSLHandshakeException: Received fatal alert: certificate_unknown > at org.apache.thrift.transport.TIOStreamTransport.read(TIOStreamTranspor= t.java:129) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TTransport.readAll(TTransport.java:86) ~[= hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslTransport.receiveSaslMessage(TSaslTr= ansport.java:178) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslServerTransport.handleSaslStartMessa= ge(TSaslServerTransport.java:125) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:2= 71) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTran= sport.java:41) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport= (TSaslServerTransport.java:216) ~[hive-exec-3.1.0.jar:3.1.0] > ... 4 more > Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: cer= tificate_unknown > at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) ~[?:1.8.0_18= 1] > at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) ~[?:1.8.0_18= 1] > at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2038) ~[?= :1.8.0_181] > at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1135) ~[= ?:1.8.0_181] > at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.= java:1385) ~[?:1.8.0_181] > at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:938)= ~[?:1.8.0_181] > at sun.security.ssl.AppInputStream.read(AppInputStream.java:105) ~[?:1.8= .0_181] > at java.io.BufferedInputStream.fill(BufferedInputStream.java:246) ~[?:1.= 8.0_181] > at java.io.BufferedInputStream.read1(BufferedInputStream.java:286) ~[?:1= .8.0_181] > at java.io.BufferedInputStream.read(BufferedInputStream.java:345) ~[?:1.= 8.0_181] > at org.apache.thrift.transport.TIOStreamTransport.read(TIOStreamTranspor= t.java:127) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TTransport.readAll(TTransport.java:86) ~[= hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslTransport.receiveSaslMessage(TSaslTr= ansport.java:178) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslServerTransport.handleSaslStartMessa= ge(TSaslServerTransport.java:125) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:2= 71) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTran= sport.java:41) ~[hive-exec-3.1.0.jar:3.1.0] > at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport= (TSaslServerTransport.java:216) ~[hive-exec-3.1.0.jar:3.1.0] > ... 4 more -- This message was sent by Atlassian Jira (v8.3.4#803005)