gocql中的SSL选项

huangapple
go评论113阅读模式
英文:

SSL options in gocql

问题

在我的Cassandra配置中,我已经启用了用户身份验证,并通过SSL连接cqlsh。
我在使用gocql时遇到了问题,以下是我的代码:

  1. cluster := gocql.NewCluster("127.0.0.1")
  2. cluster.Authenticator = gocql.PasswordAuthenticator{
  3. 	Username: "myuser",
  4. 	Password: "mypassword",
  5. }
  6. cluster.SslOpts = &gocql.SslOptions {
  7. 	CertPath: "/path/to/cert.pem",
  8. }

当我尝试连接时,出现以下错误:

  1.  gocql: unable to create session: connectionpool: unable to load X509 key pair: open : no such file or directory

在Python中,我可以这样做:

  1. from cassandra.cluster import Cluster
  2. from cassandra.auth import PlainTextAuthProvider
  3. USER = 'username'
  4. PASS = 'password'
  5. ssl_opts = {'ca_certs': '/path/to/cert.pem',
  6.         'ssl_version': PROTOCOL_TLSv1
  7. }
  8. credentials = PlainTextAuthProvider(username=USER, password=PASS)
  9. # define host, port, cqlsh protocaol version
  10. cluster = Cluster(contact_points=HOST, protocol_version=CQLSH_PROTOCOL_VERSION, auth_provider=credentials, port=CASSANDRA_PORT)

我查看了gocql和TLS文档这里这里,但我不确定如何设置ssl选项。

英文:

In my Cassandra config I have enabled user authentication and connect with cqlsh over ssl.
I'm having trouble implementing the same with gocql, following is my code:

  1. cluster := gocql.NewCluster("127.0.0.1")
  2. cluster.Authenticator = gocql.PasswordAuthenticator{
  3. 	Username: "myuser",
  4. 	Password: "mypassword",
  5. }
  6. cluster.SslOpts = &gocql.SslOptions {
  7. 	CertPath: "/path/to/cert.pem",
  8. }

When I try to connect I get following error:

  1.  gocql: unable to create session: connectionpool: unable to load X509 key pair: open : no such file or directory

In python I can do this with something like:

  1. from cassandra.cluster import Cluster
  2. from cassandra.auth import PlainTextAuthProvider
  3. USER = 'username'
  4. PASS = 'password'
  5. ssl_opts = {'ca_certs': '/path/to/cert.pem',
  6.         'ssl_version': PROTOCOL_TLSv1
  7. }
  8. credentials = PlainTextAuthProvider(username = USER, password = PASS)
  9. # define host, port, cqlsh protocaol version
  10. cluster = Cluster(contact_points= HOST, protocol_version= CQLSH_PROTOCOL_VERSION, auth_provider = credentials, port = CASSANDRA_PORT)

I checked the gocql and TLS documentation here and here but I'm unsure about how to set ssl options.

答案1

得分: 1

你正在添加一个没有私钥的证书,这就是出现“没有该文件或目录”的错误的原因。

你的Python代码正在添加一个CA证书;你应该在Go代码中做同样的操作:

  1. gocql.SslOptions {
  2.     CaPath: "/path/to/cert.pem",
  3. }
英文:

You're adding a cert without a private key, which is where the "no such file or directory" error is coming from.

Your python code is adding a CA; you should do the same with the Go code:

  1. gocql.SslOptions {
  2.     CaPath: "/path/to/cert.pem",
  3. }

huangapple
  • 本文由 发表于 2016年3月13日 21:05:31
  • 转载请务必保留本文链接:https://go.coder-hub.com/35970581.html
  • cassandra
  • cqlsh
  • go
  • ssl
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定