cassandra TLS

sridharakb · 03-04-2019 10:07 PM

Hi team,

when i try to add TLS to the cassandra nodes (for internode communication). I found "MessagingService.java:464 - Starting Encrypted Messaging Service on SSL port 7001" in system.log file. but when i run nodetool status all the other nodes are showing DN

except for the current node (we have 3 node cassandra cluster) 5 node setup.

My cassandra.properties config file contains

conf_cassandra_internode_encryption=all conf_cassandra_keystore=/opt/apigee/customer/application/keystore.jks conf_cassandra_keystore_password=password#### conf_cassandra_truststore=/opt/apigee/customer/application/myTrustStore conf_cassandra_truststore_password=password####

So my question is..

1. Is it possible to add TLS to the cassandra for internode communication

2. If TLS is possible for cassandra what is the configuration file..

Please help me to rectify this issue... Since i didn't find any other errors in the log file. even in system.log or config.log or apigee-cassandra.log

path to the cassandra.properties file is

/opt/apigee/customer/application/cassandra.properties

mattz

Anyone knows the answer to this? We also would like to encryt the Cassandra intern-node communicaton.

Report Inappropriate Content

We had the same requirement before some days. We were trying to maintain intern node communication between Cassandras as tls. But, from apigee support we got to know there is no option in apigee. You can use external applications to do tls communication. So, we created one variance and got limited to nontls.

mattz

Thanks a lot for your quick reply. Too bad we cannot use the out-of-the-box Cassandra inter-node encryption with Apigee 😞