cassandra - Cqlsh with client to node SSL encryption -
am trying enable client node ssl encryption in dse server.
my cqlshrc file looks below
[connection] hostname = 127.0.0.1 port = 9160 factory = cqlshlib.ssl.ssl_transport_factory [ssl] certfile = /path/to/dse_node0.cer validate = true ;; optional, true default. [certfiles] ;; optional section, overrides default certfile in [ssl] section. 1.2.3.4 = /path/to/dse_node0.cer
when tried login cqlsh shell getting below error
connection error: not connect 127.0.0.1:9160
there several possible causes hope 1 of these solutions helpful.
1) certificate in ssl section not same (derived from) keystore specified in cassandra.yaml file.
solution: generate certificate keystore used in cassandra.yaml file , place in location pointed in cqlshrc file.
2) certificate file or keystore changed after starting node. cassandra loads copy of certificate when starts up.
solution: restart node.
3) in certfiles section 127.0.0.1 over-ridden wrong certificate
solution: use correct certificate or drop 127.0.0.1 entry.
Comments
Post a Comment