cassandra - Cqlsh with client to node SSL encryption -


am trying enable client node ssl encryption in dse server.

my cqlshrc file looks below

 [connection]  hostname = 127.0.0.1  port = 9160  factory = cqlshlib.ssl.ssl_transport_factory   [ssl]  certfile = /path/to/dse_node0.cer  validate = true ;; optional, true default.   [certfiles] ;; optional section, overrides default certfile in [ssl] section.  1.2.3.4 = /path/to/dse_node0.cer 

when tried login cqlsh shell getting below error

connection error: not connect 127.0.0.1:9160 

there several possible causes hope 1 of these solutions helpful.

1) certificate in ssl section not same (derived from) keystore specified in cassandra.yaml file.

solution: generate certificate keystore used in cassandra.yaml file , place in location pointed in cqlshrc file.

2) certificate file or keystore changed after starting node. cassandra loads copy of certificate when starts up.

solution: restart node.

3) in certfiles section 127.0.0.1 over-ridden wrong certificate

solution: use correct certificate or drop 127.0.0.1 entry.


Comments

Popular posts from this blog

php - regexp cyrillic filename not matches -

c# - OpenXML hanging while writing elements -

sql - Select Query has unexpected multiple records (MS Access) -