When TLS is enabled on HS2, Hue is relying on HS2 config for sslTrustStore and trustStorePassword. However since HS2 does not have to mutually authenticate client connections, configuring truststore for HS2 is not really required. So it is not generally populated. This causes Hue to generate bad HS2 JDBC URLs. It is also not possible to override the HS2 JDBC URL provided in the hive2 action GUI. It is completely ignored.