cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeremy Hanna (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (CASSANDRA-9325) cassandra-stress requires keystore for SSL but provides no way to configure it
Date Mon, 26 Oct 2015 16:10:28 GMT

     [ https://issues.apache.org/jira/browse/CASSANDRA-9325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jeremy Hanna updated CASSANDRA-9325:
------------------------------------
    Labels: stress  (was: )

> cassandra-stress requires keystore for SSL but provides no way to configure it
> ------------------------------------------------------------------------------
>
>                 Key: CASSANDRA-9325
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-9325
>             Project: Cassandra
>          Issue Type: Bug
>            Reporter: J.B. Langston
>              Labels: stress
>             Fix For: 2.1.x
>
>
> Even though it shouldn't be required unless client certificate authentication is enabled,
the stress tool is looking for a keystore in the default location of conf/.keystore with the
default password of cassandra. There is no command line option to override these defaults
so you have to provide a keystore that satisfies the default. It looks for conf/.keystore
in the working directory, so you need to create this in the directory you are running cassandra-stress
from.It doesn't really matter what's in the keystore; it just needs to exist in the expected
location and have a password of cassandra.
> Since the keystore might be required if client certificate authentication is enabled,
we need to add -transport parameters for keystore and keystore-password.  Ideally, these should
be optional and stress shouldn't require the keystore unless client certificate authentication
is enabled on the server.
> In case it wasn't apparent, this is for Cassandra 2.1 and later's stress tool.  I actually
had even more problems getting Cassandra 2.0's stress tool working with SSL and gave up on
it.  We probably don't need to fix 2.0; we can just document that it doesn't support SSL and
recommend using 2.1 instead.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message