[jira] [Commented] (CASSANDRA-10735) Support netty openssl (netty-tcnative) for client encryption

jahar (JIRA) Mon, 18 Jun 2018 00:27:12 -0700


    [ 
https://issues.apache.org/jira/browse/CASSANDRA-10735?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16515426#comment-16515426
 ]


jahar commented on CASSANDRA-10735:
-----------------------------------

Hi,

I just followed the instructions given on 
[https://docs.datastax.com/en/developer/java-driver/3.0/manual/ssl/] to use 
NettySSLOptions, but getting 
_com.datastax.driver.core.exceptions.NoHostAvailableException._ 

My .crt and private key and certificates are ok as I have verified them using 
OpenSSL. Tried a lot but not able to find the root cause. 

JdkSSLOptions is working fine but when I use the SSLOptions it fails. This is 
what I am using in code:

 

            _KeyStore ks = KeyStore.getInstance("JKS");_
            _trustStore = new FileInputStream(theTrustStorePath);_
            _ks.load(trustStore, theTrustStorePassword.toCharArray());_
            _TrustManagerFactory tmf = 
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());_
            _tmf.init(ks);_
            _SslContextBuilder builder =_
                    _SslContextBuilder.forClient()_
                            _.sslProvider(SslProvider.OPENSSL)_
                            _.trustManager(tmf)_
                            _.ciphers(theCipherSuites)//_
                            _.keyManager(new File("mycert.pem"),_
                                    _new File("mykey.pem"));_
            _SSLOptions sslOptions = new NettySSLOptions(builder.build());_
            _return sslOptions;_

 

This throws exception _mySession = myCluster.connect();_

Any idea or suggestions please.....

> Support netty openssl (netty-tcnative) for client encryption
> ------------------------------------------------------------
>
>                 Key: CASSANDRA-10735
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-10735
>             Project: Cassandra
>          Issue Type: Improvement
>            Reporter: Andy Tolbert
>            Assignee: Jason Brown
>            Priority: Major
>             Fix For: 4.0
>
>         Attachments: netty-ssl-trunk.tgz, nettyssl-bench.tgz, 
> nettysslbench.png, nettysslbench_small.png, sslbench12-03.png
>
>
> The java-driver recently added support for using netty openssl via 
> [netty-tcnative|http://netty.io/wiki/forked-tomcat-native.html] in 
> [JAVA-841|https://datastax-oss.atlassian.net/browse/JAVA-841], this shows a 
> very measured improvement (numbers incoming on that ticket).   It seems 
> likely that this can offer improvement if implemented C* side as well.
> Since netty-tcnative has platform specific requirements, this should not be 
> made the default, but rather be an option that one can use.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Commented] (CASSANDRA-10735) Support netty openssl (netty-tcnative) for client encryption

Reply via email to