Cassandra客户端程序不使用NettySSLOptions

时间:2018-06-19 11:06:13

标签: ssl cassandra openssl datastax-java-driver

我提到了这个链接https://docs.datastax.com/en/developer/java-driver/3.0/manual/ssl/来实现一个简单的Cassandra客户端,它使用带有OpenSSL选项的SSL上的数据共享驱动程序3.0.0但无法运行它。

在行

处获取com.datastax.driver.core.exceptions.NoHostAvailableException的通用异常 
mySession = myCluster.connect();

设置群集连接的代码段如下所示。

    public void connectToCluster()
    {
        String[] theCassandraHosts = {"myip"};
        myCluster =
                Cluster.builder().withSSL(getSSLOption())
                        .withReconnectionPolicy(new ConstantReconnectionPolicy(2000))
                        .addContactPoints(theCassandraHosts).withPort(10742)
                        .withCredentials("username", "password")
                        .withLoadBalancingPolicy(DCAwareRoundRobinPolicy.builder().build())
                        .withSocketOptions(new SocketOptions()
                        .setConnectTimeoutMillis(800).setKeepAlive(true)).build();
        try {
        mySession = myCluster.connect();
        }
        catch(Exception e) {
            e.printStackTrace();
        }
        System.out.println("Session Established");
    }


 private SSLOptions getSSLOption()
    {
        InputStream trustStore = null;
        try
        {
            String theTrustStorePath = "/var/opt/SecureInterface/myTrustStore.jks";
            String theTrustStorePassword = "mypassword";
            List<String> theCipherSuites = new ArrayList<String>();
            theCipherSuites.add("TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384");
            KeyStore ks = KeyStore.getInstance("JKS");
            trustStore = new FileInputStream(theTrustStorePath);
            ks.load(trustStore, theTrustStorePassword.toCharArray());
            TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            tmf.init(ks);
            SslContextBuilder builder =
               SslContextBuilder.forClient()
                   .sslProvider(SslProvider.OPENSSL)
                   .trustManager(tmf)
                   .ciphers(theCipherSuites)
                   // only if you use client authentication
                   .keyManager(new File("/var/opt/SecureInterface/keystore/Cass.crt"),
                   new File("/var/opt/SecureInterface/keystore/Cass_enc.key"));
            SSLOptions sslOptions = new NettySSLOptions(builder.build());
            return sslOptions;
        }
        catch (Exception e)
        {
            e.printStackTrace();
        }
        finally
        {
            try
            {
                trustStore.close();
            }
            catch (IOException e)
            {
                e.printStackTrace();
            }
        }
        return null;
    }

Cassandra服务器运行正常,具有客户端和服务器加密选项。此外,我能够使用JdkSSLOptions运行我的客户端,但是NettySSLOptions有问题。

是否有人为Cassandra客户端应用程序实现了NettySSLOptions?

0 个答案:

没有答案
相关问题
最新问题