You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@cassandra.apache.org by "Lu, Boying" <Bo...@emc.com> on 2015/01/06 04:21:18 UTC

How to use cqlsh to access Cassandra DB if the client_encryption_options is enabled

Hi, All,

I turned on the dbclient_encryption_options like this:
client_encryption_options:
enabled: true
keystore:  path-to-my-keystore-file
keystore_password:  my-keystore-password
truststore: path-to-my-truststore-file
truststore_password:  my-truststore-password
...

I can use following cassandra-cli command to access DB:
cassandra-cli  -ts path-to-my-truststore-file -tspw my-truststore-password -tf org.apache.cassandra.thrift.SSLTransportFactory

But when I tried to access DB by cqlsh like this:
SSL_CERTFILE=path-to-my-truststore cqlsh -t cqlishlib.ssl.ssl_transport_factory

I got following error:
Connection error: Could not connect to localhost:9160: [Errno 0] _ssl.c:332: error:00000000:lib(0):func(0):reason(0)

I guess the reason maybe is that I didn't provide the trustore password.   But cqlsh doesn't provide such option.

Does anyone know how to resolve this issue?

Thanks

Boying