http://www.datastax.com/support-forums/topic/cassandra-inter-node-basic-encryption-question Software, Support, and Training for Apache Cassandra en-US Sat, 25 May 2013 05:37:49 +0000 http://bbpress.org/?v=1.0.3 q http://www.datastax.com/support-forums/search.php http://www.datastax.com/support-forums/topic/cassandra-inter-node-basic-encryption-question#post-8018 Tue, 18 Dec 2012 23:10:36 +0000 Katrina 8018@http://www.datastax.com/support-forums/ <p>Yes, you should import the public cert from all the nodes into each node's trust store. Here is the command:</p> <p>keytool -import -alias &lt;alias&gt; -file &lt;certfile&gt; -keystore &lt;truststore-file&gt;</p> <p>where:<br /> &lt;alias&gt; is some alias for the certificate holder,<br /> &lt;certfile&gt; is the public key file (certificate file),<br /> &lt;truststore-file&gt; is the trust store (one for each node)</p> <p>You can add the option: -noprompt if you don't want to be prompted to confirm that you really want to trust the certificate.</p> <p>You should then move each truststore-file to somewhere where the owning cassandra node can access it and enter the full path location in cassandra.yaml (in the truststore item in encryption_options). You will also need to enter the trust store password in cassandra.yaml (in the truststore_password item in encryption_options). Note the trust store password is the password that you entered each time you ran the keytool -import command. </p> http://www.datastax.com/support-forums/topic/cassandra-inter-node-basic-encryption-question#post-7975 Fri, 14 Dec 2012 20:28:30 +0000 omarbizkit 7975@http://www.datastax.com/support-forums/ <p>I have a 6 node cassandra cluster and I need to enable TLS encryption for communication between nodes but since I have very little experience with<br /> Java and encryption in general I have the following question:<br /> After generating key pairs and importing the local certificate to the truststore on each node do I have to import all public keys on each of the cassandra nodes? </p>