Astyanax和Cassandra之间的安全通信

时间:2012-06-12 14:32:59

标签: ssl cassandra astyanax

有没有人想出办法确保Cassandra和Astyanax客户之间的沟通? SSL最好能够进行客户端证书身份验证+加密......

1 个答案:

答案 0 :(得分:1)

我假设您已经在cassandra中启用了SSL并拥有密钥库文件,如果不是enabling SSL in Astyanax here.上的完整博客

在构建Keyspace上下文时,您需要将密钥库文件及其密码传递给Astyanax:

AstyanaxContext<Keyspace> ctx = new AstyanaxContext.Builder()
    .forKeyspace("MyKeyspace")
    // Config parameters
    .withConnectionPoolConfiguration(
         new com.netflix.astyanax.connectionpool.impl.ConnectionPoolConfigurationImpl("MyConnectionPool")
        .setSeeds("127.0.0.1")
        .setSSLConnectionContext(
             new SSLConnectionContext(
             "/path/to/certificate/cassandra_external_trust.jks", // tell Astyanax the fully qualified path to the keystore file C* is using
             "somePassword")))                                    // supply the keystore file's password too
    .buildKeyspace(ThriftFamilyFactory.getInstance());
ctx.start();