cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sameer Farooqui <>
Subject Re: How to configure internode encryption in 0.8.0?
Date Wed, 18 May 2011 00:47:32 GMT
Thanks for the link, Jeremy.

I generated the keystore and truststore for inter-node communication using
the link in the YAML file:

the default instructions in the above link
used TLS_RSA_WITH_AES_256_CBC_SHA. So, when I start Cassandra now, I get
this error:

ERROR 00:10:38,734 Exception encountered during startup.
java.lang.IllegalArgumentException: Cannot support
TLS_RSA_WITH_AES_256_CBC_SHA       with currently installed providers

The YAML file states that the cipher suite for authentication should

This is my first time using keytool and I've searched the web to see how I
can change the cipher from AES_256 to AES_128, but haven't found the answer.

Anyone know how to change the cipher to AES_128?

Here are the commands I used to generate the non-working keystore and

1) keytool -genkeypair -alias jdoe -keyalg RSA -validity 7 -keystore
2) keytool -list -v -keystore .keystore
3) keytool -export -alias jdoe -keystore .keystore -rfc -file jdoe.cer
4) cat jdoe.cer
5) keytool -import -alias jdoecert -file jdoe.cer -keystore .truststore
6) keytool -list -v -keystore .truststore

- Sameer

On Mon, May 16, 2011 at 5:35 PM, Jeremy Hanna <>wrote:

> Take a look at cassandra.yaml in your 0.8 download at the very bottom.
>  There are docs and examples there.
> e.g.
> On May 16, 2011, at 6:36 PM, Sameer Farooqui wrote:
> > I understand that 0.8.0 has configurable internode encryption
> (CASSANDRA-1567, 2152).
> >
> > I haven't been able to find any info on how to configure it though on
> this mailing list or the Datastax website.
> >
> > Can somebody point me towards how to set this up?
> >
> > - Sameer

View raw message