[jira] [Commented] (CASSANDRA-9325) cassandra-stress requires keystore for SSL but provides no way to configure it

Thu, 31 Mar 2016 02:34:31 -0700 

    [ 
https://issues.apache.org/jira/browse/CASSANDRA-9325?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15219651#comment-15219651
 ] 

Stefan Podkowinski commented on CASSANDRA-9325:
-----------------------------------------------

cassci test results:

||2.2||3.0||trunk||
|[branch|https://github.com/spodkowinski/cassandra/tree/CASSANDRA-9325-2.2]|[branch|https://github.com/spodkowinski/cassandra/tree/CASSANDRA-9325-3.0]|[branch|https://github.com/spodkowinski/cassandra/tree/CASSANDRA-9325-trunk]|
|[dtest|http://cassci.datastax.com/view/Dev/view/spodkowinski/job/spodkowinski-CASSANDRA-9325-2.2-dtest/]|[dtest|http://cassci.datastax.com/view/Dev/view/spodkowinski/job/spodkowinski-CASSANDRA-9325-3.0-dtest/]|[dtest|http://cassci.datastax.com/view/Dev/view/spodkowinski/job/spodkowinski-CASSANDRA-9325-trunk-dtest/]|
|[testall|http://cassci.datastax.com/view/Dev/view/spodkowinski/job/spodkowinski-CASSANDRA-9325-2.2-testall/]|[testall|http://cassci.datastax.com/view/Dev/view/spodkowinski/job/spodkowinski-CASSANDRA-9325-3.0-testall/]|[testall|http://cassci.datastax.com/view/Dev/view/spodkowinski/job/spodkowinski-CASSANDRA-9325-trunk-testall/]|

> cassandra-stress requires keystore for SSL but provides no way to configure it
> ------------------------------------------------------------------------------
>
>                 Key: CASSANDRA-9325
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-9325
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Tools
>            Reporter: J.B. Langston
>            Assignee: Stefan Podkowinski
>              Labels: lhf, stress
>             Fix For: 2.2.x
>
>         Attachments: 9325-2.1.patch
>
>
> Even though it shouldn't be required unless client certificate authentication 
> is enabled, the stress tool is looking for a keystore in the default location 
> of conf/.keystore with the default password of cassandra. There is no command 
> line option to override these defaults so you have to provide a keystore that 
> satisfies the default. It looks for conf/.keystore in the working directory, 
> so you need to create this in the directory you are running cassandra-stress 
> from.It doesn't really matter what's in the keystore; it just needs to exist 
> in the expected location and have a password of cassandra.
> Since the keystore might be required if client certificate authentication is 
> enabled, we need to add -transport parameters for keystore and 
> keystore-password.  Ideally, these should be optional and stress shouldn't 
> require the keystore unless client certificate authentication is enabled on 
> the server.
> In case it wasn't apparent, this is for Cassandra 2.1 and later's stress 
> tool.  I actually had even more problems getting Cassandra 2.0's stress tool 
> working with SSL and gave up on it.  We probably don't need to fix 2.0; we 
> can just document that it doesn't support SSL and recommend using 2.1 instead.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to