Close popover

Table of Contents

Prconfig properties for Cassandra cluster encryption

Version:

Secure the data transfer between Cassandra nodes and between the client machines and the Cassandra cluster by customizing the prconfig.xml file properties.

Client-to-node encryption properties

Client-to-node encryption protects the data that is transferring from client machines to the Cassandra cluster by using Secure Sockets Layer (SSL).
Property Default value Available values
dnode/cassandra_client_encryption false
  • true
  • false
dnode/cassandra_client_encryption/client_auth false
  • true
  • false
dnode/cassandra_client_encryption/store_type The value of the dnode/cassandra_internode_encryption/store_type property.
  • jks
  • pkcs12
dnode/cassandra_client_encryption/cipher_suites null A comma separated list of the TLS_RSA_WITH_AES_128_CBC_SHA ciphers.
dnode/cassandra_client_encryption/algorithm SunX509 There are no other available values.
dnode/cassandra_client_encryption/keystore The value of the dnode/cassandra_internode_encryption/keystore property. The path to the keystore.
dnode/cassandra_client_encryption/keystore_password The value of the dnode/cassandra_internode_encryption/keystore_password property. Not applicable
dnode/cassandra_client_encryption/truststore null The path to the truststore that is used only if you set the dnode/cassandra_client_encryption/client_auth property to true.
dnode/cassandra_client_encryption/truststore_password null Not applicable.

Internode encryption properties

Internode encryption protects data transferring between nodes in the Cassandra cluster by using SSL.
Environment property Default value Available values
dnode/cassandra_internode_encryption none
  • none
  • all
  • dc
  • rack
dnode/cassandra_internode_encryption/cipher_suites null A comma separated list of the TLS_RSA_WITH_AES_128_CBC_SHA ciphers.
dnode/cassandra_internode_encryption/client_auth false Not applicable.
dnode/cassandra_internode_encryption/keystore conf/keystore The path to the keystore.
dnode/cassandra_internode_encryption/keystore_password cassandra Not applicable.
dnode/cassandra_internode_encryption/store_type JKS
  • jks
  • pkcs12
dnode/cassandra_internode_encryption/truststore The value of dnode/cassandra_internode_encryption/keystore. The path to truststore that is used only if you set the dnode/cassandra_internode_encryption/client_auth property to true.
dnode/cassandra_internode_encryption/truststore_password cassandra Not applicable.

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.