群集中的Riak安全

时间:2017-12-20 05:45:44

标签: riak

我在使用java客户端设置Riak Kv Cluster设置时遇到了困难。

有人能说出我们是怎么做到的吗?

我尝试使用以下代码在集群中使用riak安全性但是我收到了SSLEngine问题的错误,任何人都可以告诉我们如何解决这个问题。

以下是适用于参考的java代码

InputStream inputStream = null;
        KeyStore ks = null;
        try {
            // inputStream = new FileInputStream("/ssl_dir/cacertfile.pem");

            inputStream = new FileInputStream("/home/shahzad/Desktop/amit/rootCA.pem");
            // Generate an X509Certificate from the InputStream
            CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
            X509Certificate caCert = (X509Certificate) certFactory.generateCertificate(inputStream);
            inputStream.close();
            // Generate a KeyStore object
            ks = KeyStore.getInstance(KeyStore.getDefaultType());
            ks.load(null, "password".toCharArray());
            ks.setCertificateEntry("cacert", caCert);
        } catch (Exception e) {
            e.printStackTrace();
        }



synchronized (RiakConfig.class) {
            List<RiakNode> riakNodeList = new ArrayList<RiakNode>();
            for (final String riakServer : riakServerArray) {
                RiakNode node = new RiakNode.Builder()
                        .withMinConnections(10)
                        .withMinConnections(50)
                        .withRemoteAddress(riakServer.split(":")[0])
                        .withRemotePort(
                                Integer.parseInt(riakServer.split(":")[1]))
                        .withAuth("shahzad", "shahzad", ks)
                        .build();
                riakNodeList.add(node);
            }
            // This cluster object takes our one node as an argument
            cluster = new RiakCluster.Builder(riakNodeList).build();
            // The cluster must be started to work, otherwise you will see
            // errors
            cluster.start();
        }

告诉一件事.....我们如何远程访问安全性启用Riak KV。

1 个答案:

答案 0 :(得分:0)

如果您在Riak KV群集中启用了安全性并添加了客户端来源,请检查

riak-admin security add-source all <<127.0.0.1/32>> trust

IP地址属于发起连接的客户端计算机