incubator-cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Kesten <j.kes...@enercast.de>
Subject Problem setting up encrypted communication
Date Wed, 13 Mar 2013 08:58:49 GMT
Hello together,

after my inital tests all is up and running, replacing a dead node was 
no problem at all. Now I tried to setup encryption between nodes. I set 
up keystores and a truststore as described in the docs. Every node has 
it's own keystore with one private key and a truststore with all 
imported public keys/certs.

for my first node:

db02, Mar 13, 2013, PrivateKeyEntry,
Certificate fingerprint (SHA1): 
D3:B1:37:8A:05:43:F1:7A:F9:70:7A:4C:91:6F:09:96:BF:75:21:81

for my second node:

db01, Mar 13, 2013, PrivateKeyEntry,
Certificate fingerprint (SHA1): 
BA:E9:F4:06:15:AE:CC:79:18:8B:69:C0:70:EF:19:82:0E:81:76:E8

shared truststore:

db02, Mar 13, 2013, trustedCertEntry,
Certificate fingerprint (SHA1): 
D3:B1:37:8A:05:43:F1:7A:F9:70:7A:4C:91:6F:09:96:BF:75:21:81
db01, Mar 13, 2013, trustedCertEntry,
Certificate fingerprint (SHA1): 
BA:E9:F4:06:15:AE:CC:79:18:8B:69:C0:70:EF:19:82:0E:81:76:E8

relevant cassandra.yaml (db01 and db02 differ on both nodes):

server_encryption_options:
     internode_encryption: all
     keystore: /home/cassandra/certs/db01.keystore
     keystore_password: cassandra
     truststore: /home/cassandra/certs/.truststore
     truststore_password: cassandra

Now the question that puzzels me. If I disable encryption and start both 
nodes the join each other an I have a working cluster. If I enable 
encryption they do not join any longer and I have to seperate nodes.

Any hints?

Thanks,
Jan


Mime
View raw message