You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "J.B. Langston (JIRA)" <ji...@apache.org> on 2015/05/07 17:35:59 UTC
[jira] [Updated] (CASSANDRA-9325) cassandra-stress requires
keystore for SSL but provides no way to configure it
[ https://issues.apache.org/jira/browse/CASSANDRA-9325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
J.B. Langston updated CASSANDRA-9325:
-------------------------------------
Summary: cassandra-stress requires keystore for SSL but provides no way to configure it (was: cassandra-stress requires keystore but provides no way to configure it)
> cassandra-stress requires keystore for SSL but provides no way to configure it
> ------------------------------------------------------------------------------
>
> Key: CASSANDRA-9325
> URL: https://issues.apache.org/jira/browse/CASSANDRA-9325
> Project: Cassandra
> Issue Type: Bug
> Reporter: J.B. Langston
>
> Even though it shouldn't be required unless client certificate authentication is enabled, the stress tool is looking for a keystore in the default location of conf/.keystore with the default password of cassandra. There is no command line option to override these defaults so you have to provide a keystore that satisfies the default. It looks for conf/.keystore in the working directory, so you need to create this in the directory you are running cassandra-stress from.It doesn't really matter what's in the keystore; it just needs to exist in the expected location and have a password of cassandra.
> Since the keystore might be required if client certificate authentication is enabled, we need to add -transport parameters for keystore and keystore-password. These should be optional unless client certificate authentication is enabled on the server.
> In case it wasn't apparent, this is for Cassandra 2.1 and later's stress tool. I actually had even more problems getting Cassandra 2.0's stress tool working with SSL and gave up on it. We probably don't need to fix 2.0; we can just document that it doesn't support SSL and recommend using 2.1 instead.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)