英文:
connecting cassandra through ssl with datastax cassandra JAVA driver
问题
I am using datastax cassandra version 3.6.0 and trying to connect to cassandra with ssl.
I have a ca cert already stored in dir "/etc/ssl/certs/cassandra.crt".
I have a cassandra cluster creation in JAVA as:
cluster = Cluster.builder().addContactPoints(hostArray).withPort(Integer.parseInt(port)).withCredentials(username, password).build();
I do see a with `withSSL(SSLOptions)` in a builder,
How can I create a SSLOPtions in java with the above cert file such that I can use it to create a cluster?
In PYTHON I have
ssl_opts = {"ca_certs": "/etc/ssl/certs/cassandra.crt"}
auth_provider = PlainTextAuthProvider(username, password)
cluster = Cluster(
cluster_ips,
auth_provider=auth_provider,
port=20102,
ssl_options=ssl_opts,
load_balancing_policy=DCAwareRoundRobinPolicy()
)
How do I do the same with the crt file to create cluster in java?
英文:
I am using datastax cassandra version 3.6.0 and trying to connect to cassandra with ssl.
I have a ca cert already stored in dir "/etc/ssl/certs/cassandra.crt"
.
I have a cassandra cluster creation in JAVA as:
cluster = Cluster.builder().addContactPoints(hostArray).withPort(Integer.parseInt(port)).withCredentials(username, password).build();
I do see a with withSSL(SSLOptions)
in a builder,
How can I create a SSLOPtions in java with the above cert file such that I can use it to create a cluster?
In PYTHON I have
ssl_opts = {"ca_certs": "/etc/ssl/certs/cassandra.crt"}
auth_provider = PlainTextAuthProvider( username , password )
cluster = Cluster(
cluster_ips,
auth_provider=auth_provider,
port=20102,
ssl_options=ssl_opts,
load_balancing_policy=DCAwareRoundRobinPolicy()
)
How do I do the same with the crt file to create cluster in java?
答案1
得分: 1
你需要首先创建SSLContext。有关创建SSLContext的示例,请参阅此处的示例SSLContext示例。一旦你有了SSLContext对象,你可以按如下方式获取SSLOptions:
JdkSSLOptions sslOptions = JdkSSLOptions.builder().withSSLContext(context).withCipherSuites(theCipherSuites).build();
然后你可以将这个sslOptions传递给withSSL方法中:
cluster = Cluster.builder().addContactPoints(hostArray).withPort(Integer.parseInt(port)).withCredentials(username, password).withSSL(sslOptions).build();
英文:
You need to create SSLContext first. For creating SSLContext you can refer example here SSLContext Example. Once you have SSLConext object, you can get SSLOptions as below
JdkSSLOptions sslOptions = JdkSSLOptions.builder().withSSLContext(context).withCipherSuites(theCipherSuites).build();
Then you can pass this sslOptions in withSSL method as
cluster = Cluster.builder().addContactPoints(hostArray).withPort(Integer.parseInt(port)).withCredentials(username, password).withSSL(sslOptions).build();
答案2
得分: 0
在Java驱动程序v3.6中,您使用RemoteEndpointAwareSSLOptions
类配置SSL,该类使用JSSE系统属性(由-Djavax.net.ssl.*
指定)。
如果系统属性不足以满足您的需求,可以使用RemoteEndpointAwareJdkSSLOptions
类以编程方式配置SSL。
有关详细信息,请参阅Java驱动程序3.6 SSL页面。
另外,需要注意的是,驱动程序的v3.6版本于2018年8月发布,因此非常旧。如果您正在开发新应用程序,建议您使用驱动程序的最新版本。如果在旧版本中遇到问题,您仍需要升级以获取修复。祝好!
英文:
In Java driver v3.6, you configure SSL with the RemoteEndpointAwareSSLOptions
class which uses the JSSE system properties (specified by -Djavax.net.ssl.*
).
If you need more than what the system properties allow, configure SSL programatically with the RemoteEndpointAwareJdkSSLOptions
class.
For details, see the Java driver 3.6 SSL page.
On a side note, v3.6 of the driver was released in August 2018 so it's very old. If you're developing a new app, we recommend that you use the latest version of the driver. If you run into issues with the older version, you will need to upgrade anyway to get the fixes. Cheers!
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论