gocql中的SSL选项

huangapple go评论92阅读模式
英文:

SSL options in gocql

问题

在我的Cassandra配置中,我已经启用了用户身份验证,并通过SSL连接cqlsh。
我在使用gocql时遇到了问题,以下是我的代码:

cluster := gocql.NewCluster("127.0.0.1")
cluster.Authenticator = gocql.PasswordAuthenticator{
	Username: "myuser",
	Password: "mypassword",
}
cluster.SslOpts = &gocql.SslOptions {
	CertPath: "/path/to/cert.pem",
}

当我尝试连接时,出现以下错误:

 gocql: unable to create session: connectionpool: unable to load X509 key pair: open : no such file or directory

在Python中,我可以这样做:

from cassandra.cluster import Cluster
from cassandra.auth import PlainTextAuthProvider
USER = 'username'
PASS = 'password'
ssl_opts = {'ca_certs': '/path/to/cert.pem',
        'ssl_version': PROTOCOL_TLSv1
}
credentials = PlainTextAuthProvider(username=USER, password=PASS)
# define host, port, cqlsh protocaol version
cluster = Cluster(contact_points=HOST, protocol_version=CQLSH_PROTOCOL_VERSION, auth_provider=credentials, port=CASSANDRA_PORT)

我查看了gocql和TLS文档这里这里,但我不确定如何设置ssl选项。

英文:

In my Cassandra config I have enabled user authentication and connect with cqlsh over ssl.
I'm having trouble implementing the same with gocql, following is my code:

cluster := gocql.NewCluster("127.0.0.1")
cluster.Authenticator = gocql.PasswordAuthenticator{
	Username: "myuser",
	Password: "mypassword",
}
cluster.SslOpts = &gocql.SslOptions {
	CertPath: "/path/to/cert.pem",
}

When I try to connect I get following error:

 gocql: unable to create session: connectionpool: unable to load X509 key pair: open : no such file or directory

In python I can do this with something like:

from cassandra.cluster import Cluster
from cassandra.auth import PlainTextAuthProvider
USER = 'username'
PASS = 'password'
ssl_opts = {'ca_certs': '/path/to/cert.pem',
        'ssl_version': PROTOCOL_TLSv1
}
credentials = PlainTextAuthProvider(username = USER, password = PASS)
# define host, port, cqlsh protocaol version
cluster = Cluster(contact_points= HOST, protocol_version= CQLSH_PROTOCOL_VERSION, auth_provider = credentials, port = CASSANDRA_PORT)

I checked the gocql and TLS documentation here and here but I'm unsure about how to set ssl options.

答案1

得分: 1

你正在添加一个没有私钥的证书,这就是出现“没有该文件或目录”的错误的原因。

你的Python代码正在添加一个CA证书;你应该在Go代码中做同样的操作:

gocql.SslOptions {
    CaPath: "/path/to/cert.pem",
}
英文:

You're adding a cert without a private key, which is where the "no such file or directory" error is coming from.

Your python code is adding a CA; you should do the same with the Go code:

gocql.SslOptions {
    CaPath: "/path/to/cert.pem",
}

huangapple
  • 本文由 发表于 2016年3月13日 21:05:31
  • 转载请务必保留本文链接:https://go.coder-hub.com/35970581.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定