You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@cassandra.apache.org by Jason Williams <ja...@gmail.com> on 2015/10/13 09:07:38 UTC

Verifying internode SSL

Hi Guys,

I've configured internode SSL and set it to be used between datacenters only. Is there a way in the logs to verify SSL is operating between nodes in different DCs or do I need to break out tcpdump?

Thank you in advance. 

-J

Sent via iPhone

Re: Verifying internode SSL

Posted by "Jason J. W. Williams" <ja...@gmail.com>.

Awesome. Thanks Nate!

On Tue, Oct 13, 2015 at 10:32 AM, Nate McCall <na...@thelastpickle.com>
wrote:

> > I've configured internode SSL and set it to be used between datacenters
> only. Is there a way in the logs to verify SSL is operating between nodes
> in different DCs or do I need to break out tcpdump?
> >
>
> Even on DC only encryption, you should see the following message in the
> log:
>
> "Starting Encrypted Messaging Service on SSL port 7001"
>
> With any Java-based thing using SSL, you can always use the following
> startup parameter to find out exactly what is going in:
>
> -Djavax.net.debug=ssl
>
> This page will tell you how to interpret the debug output:
>
> http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/ReadDebug.html
>
> --
> -----------------
> Nate McCall
> Austin, TX
> @zznate
>
> Co-Founder & Sr. Technical Consultant
> Apache Cassandra Consulting
> http://www.thelastpickle.com
>

Re: Verifying internode SSL

Posted by Nate McCall <na...@thelastpickle.com>.

> I've configured internode SSL and set it to be used between datacenters
only. Is there a way in the logs to verify SSL is operating between nodes
in different DCs or do I need to break out tcpdump?
>

Even on DC only encryption, you should see the following message in the log:

"Starting Encrypted Messaging Service on SSL port 7001"

With any Java-based thing using SSL, you can always use the following
startup parameter to find out exactly what is going in:

-Djavax.net.debug=ssl

This page will tell you how to interpret the debug output:
http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/ReadDebug.html

--
-----------------
Nate McCall
Austin, TX
@zznate

Co-Founder & Sr. Technical Consultant
Apache Cassandra Consulting
http://www.thelastpickle.com