Apache Cassandra 1.2 Documentation

Node-to-node encryption¶

Node-to-node encryption protects data transferred between nodes in a cluster using SSL (Secure Sockets Layer). For information about generating SSL certificates, see Preparing server certificates.

SSL settings for Cassandra node-to-node encryption¶

To enable node-to-node SSL, you must set the server encryption options in the cassandra.yaml file.

On each node, under server_encryption_options:

Enable the internode_encryption options (described below).
Set the appropriate paths to your .keystore and .truststore files.
Provide the required passwords. The passwords must match the passwords used when generating the keystore and truststore.
To enable client certificate authentication, set require_client_auth to true.

The available inter-node options are:

all
none
dc: Cassandra encrypts the traffic between the data centers.
rack: Cassandra encrypts the traffic between the racks.

server_encryption_options:
   internode_encryption: <internode_option>
   keystore: resources/dse/conf/.keystore
   keystore_password: <keystore password>
   truststore: resources/dse/conf/.truststore
   truststore_password: <truststore password>
   require_client_auth: <true or false>

« Client-to-node encryption

Preparing server certificates »

Announcements

< >

Apache Cassandra 1.2 Documentation

Node-to-node encryption¶

SSL settings for Cassandra node-to-node encryption¶

Big Data Challenges

Customers

What We Offer

Developer Center

About DataStax

Download

Blog

Resources