Is it possible to store an encrypted keystore_password and
truststore_password in the cassandra.yaml? I see that the defaults
allow cleartext which isn't suitable when negotiating with security
specialists for sign-off of a solution...
From: http://svn.apache.org/repos/asf/cassandra/trunk/conf/cassandra.yaml
# The passwords used in these options must match the passwords used
when generating
# the keystore and truststore. For instructions on generating these files, see:
# http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CreateKeystore
encryption_options:
internode_encryption: none
keystore: conf/.keystore
keystore_password: cassandra
truststore: conf/.truststore
truststore_password: cassandra
--
Sasha Dolgy
sasha.dolgy@gmail.com
|