Configuring SSL Connections

Note:

In this documentation, "SSL" indicates both TLS (Transport Layer Security) and SSL (Secure Sockets Layer). The connector supports industry-standard versions of TLS/SSL.

If you are connecting to a Presto server that has SSL enabled, you can configure the connector to connect to an SSL-enabled socket. When connecting to a server over SSL, the connector uses one-way authentication to verify the identity of the server. Before configuring SSL in the connector, make sure that you have a TrustStore containing a signed, trusted SSL certificate for verifying the identity of the server.

You provide the configuration information to the connector in the connection URL. For more information about the syntax of the connection URL, see Building the Connection URL.

Note:

If Kerberos is enabled, then SSL is automatically enabled. Make sure to configure the connector to use an appropriate TrustStore.

To configure an SSL connection:

  1. If you are not using Kerberos, LDAP, or Password File authentication, then set the SSL property to 1.
  2. Set the SSLTrustStorePath property to the full path of the TrustStore that you want to use.
  3. Set the SSLTrustStorePwd property to your password for accessing the TrustStore.

For example:

jdbc:presto://192.168.203.141:8080;SSL=1;SSLTrustStorePath=C:\\Documents\\Presto_TrustCerts.jks;SSLTrustStorePwd=simba123

To configure a two-way SSL connection:

  1. If you are not using Kerberos, LDAP, or Password File authentication, then set the SSL property to 2.
  2. Set the SSLKeyStorePath property to the full path of the KeyStore that you want to use.
  3. Set the SSLKeyStorePwd property to your password for accessing the KeyStore.

For example:

jdbc:presto://192.168.203.141:8080;SSL=2;SSLKeyStorePath=C:\\Documents\\Presto_KeyCerts.jks;SSLKeyStorePwd=simba123

Related topics