[
https://issues.apache.org/jira/browse/CASSANDRA-3051?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13092930#comment-13092930
]
Gary Dusbabek commented on CASSANDRA-3051:
------------------------------------------
Not that I know of. If someone wants to write one it would flesh out these
basic steps:
# follow the steps for generating a keystore and a trust store here:
http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CreateKeystore
# plug those files into encryption_options in cassandra.yaml
# make sure encryption_options.internode_encryption = all in the yaml.
I was mostly raising a voice of caution against committing code backed up by
statements like "I don't see anh reason why it won't..." This is usually a
prelude to something like "we need to quickly release a new version because XYZ
broke streaming." Just sayin'.
> On Disk Compression breaks SSL Encryption
> -----------------------------------------
>
> Key: CASSANDRA-3051
> URL: https://issues.apache.org/jira/browse/CASSANDRA-3051
> Project: Cassandra
> Issue Type: Bug
> Affects Versions: 1.0
> Environment: Trunk
> Reporter: Benjamin Coverston
> Assignee: Pavel Yaskevich
> Fix For: 1.0
>
> Attachments: CASSANDRA-3051.patch
>
>
> Encryption depends on FileStreamTask.write [1] protected member to be called
> because the SSLFileStreamTask.write overrides this to write back to the
> server.
> When enabled, compression circumvents the call and the client does not
> communicate using an SSL socket back to the server.
> [1]
> protected long write(FileChannel fc, Pair<Long, Long> section, long length,
> long bytesTransferred) throws IOException
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
