Support Article

Hotfix for Cassandra Encryption enhancement

SA-33449

Summary



Support encryption of Cassandra internode and client traffic.


Error Messages



Not Applicable


Steps to Reproduce



Currently the cassandra communication between the nodes are not encrypted.


Root Cause



A defect in Pegasystems’ code or rules. Currently Decision Strategy Manager (DSM) functionality doesnt support encryption of Cassandra internode communication.

Resolution



Apply HFix-31997.

Following properties needs to be added to prconfig.xml to configure encryption:

Prconfig Env Property Default value
dnode/cassandra_client_encryption false
dnode/cassandra_client_encryption/cipher_suites null
dnode/cassandra_internode_encryption none
dnode/cassandra_internode_encryption/store_type JKS
dnode/cassandra_internode_encryption/keystore conf/keystore
dnode/cassandra_internode_encryption/keystore_password cassandra
dnode/cassandra_internode_encryption/client_auth false
dnode/cassandra_internode_encryption/truststore conf/truststore
dnode/cassandra_internode_encryption/truststore_password cassandra
dnode/cassandra_internode_encryption/cipher_suites null

Published February 8, 2017 - Updated February 20, 2017

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.