Table of Contents

Prconfig properties for Cassandra cluster encryption


Only available versions of this content are shown in the dropdown

Secure the data transfer between Cassandra nodes and between the client machines and the Cassandra cluster by customizing the prconfig.xml file properties.

Client-to-node encryption properties

Client-to-node encryption protects the data that is transferring from client machines to the Cassandra cluster by using Secure Sockets Layer (SSL).
Property Default value Available values
dnode/cassandra_client_encryption false
  • true
  • false
dnode/cassandra_client_encryption/client_auth false
  • true
  • false
dnode/cassandra_client_encryption/store_type The value of the dnode/cassandra_internode_encryption/store_type property.
  • jks
  • pkcs12
dnode/cassandra_client_encryption/cipher_suites null A comma separated list of the TLS_RSA_WITH_AES_128_CBC_SHA ciphers.
dnode/cassandra_client_encryption/algorithm SunX509 There are no other available values.
dnode/cassandra_client_encryption/keystore The value of the dnode/cassandra_internode_encryption/keystore property. The path to the keystore.
dnode/cassandra_client_encryption/keystore_password The value of the dnode/cassandra_internode_encryption/keystore_password property. Not applicable
dnode/cassandra_client_encryption/truststore null The path to the truststore that is used only if you set the dnode/cassandra_client_encryption/client_auth property to true.
dnode/cassandra_client_encryption/truststore_password null Not applicable.

Internode encryption properties

Internode encryption protects data transferring between nodes in the Cassandra cluster by using SSL.
Environment property Default value Available values
dnode/cassandra_internode_encryption none
  • none
  • all
  • dc
  • rack
dnode/cassandra_internode_encryption/cipher_suites null A comma separated list of the TLS_RSA_WITH_AES_128_CBC_SHA ciphers.
dnode/cassandra_internode_encryption/client_auth false Not applicable.
dnode/cassandra_internode_encryption/keystore conf/keystore The path to the keystore.
dnode/cassandra_internode_encryption/keystore_password cassandra Not applicable.
dnode/cassandra_internode_encryption/store_type JKS
  • jks
  • pkcs12
dnode/cassandra_internode_encryption/truststore The value of dnode/cassandra_internode_encryption/keystore. The path to truststore that is used only if you set the dnode/cassandra_internode_encryption/client_auth property to true.
dnode/cassandra_internode_encryption/truststore_password cassandra Not applicable.

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.