OpsCenter uses Secure Socket Layer (SSL) to encrypt the communication protocol and authenticate traffic between OpsCenter agents and the main OpsCenter daemon (Linux and Mac OSX) or the DataStax OpsCenter Service (Windows). The default SSL state depends on the operating system:
Consider disabling SSL if you are running OpsCenter and DataStax Enterprise or DataStax Community under the following conditions:
If you have no need for SSL, you can simply disable the SSL option to avoid installing OpenSSL.
If the SSL option is enabled, OpsCenter requires a specific version of OpenSSL for each supported operating system:
|0.9.8||CentOS 5.x, Debian, Mac OSX, Oracle Linux 5.5, RHEL 5.x, SuSe Enterprise 11.x, Ubuntu, and Windows|
|1.0.0||CentOS 6.x, Oracle Linux 6.1, and RHEL 6.x|
To determine which version of OpenSSL is installed on a Linux or Mac OSX system, use the following command:
By default, SSL is enabled on Linux and Mac OSX installations. You modify the configuration files for OpsCenter and its agents to disable SSL on Linux and Mac OSX.
On the OpsCenter machine:
Go to the directory containing the OpsCenter configuration file (opscenterd.conf):
Open opscenterd.conf, for editing. For example:
sudo vi opscenterd.conf
Add the following to opscenterd.conf:
[agents] use_ssl = false
On the agent machine:
Go to the directory containing the OpsCenter agent configuration file (address.yaml):
Open address.yaml for editing. For example:
sudo vi address.yaml
Add the following command and set its value to 0.
By default, SSL is disabled on Windows installations. To enable SSL, you run setup.py (which generates the required SSL keys and certificates), modify the configuration files for OpsCenter and its agent, and then restart the DataStax OpsCenter Agent Service.
To enable SSL:
Go to the opscenter\bin directory:
Program Files (x86) > DataStax Community > opscenter > bin
Click or double-click setup.py to run it.
The agentKeyStore key pairs are generated and appear in opscenter\ssl directory.
Go to the opscenter\conf directory:
DataStax Community > opscenter > conf
Open the configuration file for OpsCenter, opscenterd.conf, in a text editor such as Notepad.
In the agents section, change use_ssl from 0 to 1 (or true), and then save the file.
Go to the opscenter\agent\conf directory:
DataStax Community > opscenter > agent > conf
Open the configuration file for OpsCenter agent, address.yaml, in a text editor.
In the address.yaml file, change the value for use_ssl from 0 to 1, and then save the file.
From the Control Panel, restart the DataStax OpsCenter Agent Service.