Re: unable to gossip with peers exception when internode encryption is set to any setting other than 'none'

2019-08-26 Thread Subroto Barua
could be issue with keystore/trustore --- you may want to do keytool -- list  -- validate the files/password; also do md5sum on files from 1 node in west and 1 node in east.check ssl port 7001 --- from 1 node in west --> telnet :7001 (or custom port if you are not using default port) On Mond

Re: unable to gossip with peers exception when internode encryption is set to any setting other than 'none'

2019-08-26 Thread Michael Carlise
Subroto - both tools error; openssl errno 111 - which made me check bound ports on the c* node with encryption flipped. Port 9042 is not open (determined by netstat -ant). Looking at the log differences for when a node is started with/without encryption. Without encryption, I get a bunch of lin

Re: unable to gossip with peers exception when internode encryption is set to any setting other than 'none'

2019-08-26 Thread Michael Carlise
The version given by apt is 8u162-b12-1. Which I think corresponds to openJDK-8-162. When I run jrunscript -e 'print (javax.crypto.Cipher.getMaxAllowedKeyLength("RC5") >= 256);' the command returns true. Not sure if that is the best way to verify JCE installed. Michael Carlise On Mon, Aug 26,

Re: unable to gossip with peers exception when internode encryption is set to any setting other than 'none'

2019-08-26 Thread Subroto Barua
Michael, Are you able to connect to any c* node via OpenSSL? Openssl s_client -connect :9042 Cqlsh —ssl Subroto > On Aug 26, 2019, at 2:47 PM, Marc Selwan wrote: > > which exact version of OpenJDK are you using? Is it possible you don't have > JCE on those nodes? (I believe more recent v

Re: unable to gossip with peers exception when internode encryption is set to any setting other than 'none'

2019-08-26 Thread Marc Selwan
which exact version of OpenJDK are you using? Is it possible you don't have JCE on those nodes? (I believe more recent versions of Java 8 has this baked in so that might not be it) *Marc Selwan | *DataStax *| *PM, Server Team *|* *(925) 413-7079* *|* Twitter * Q

unable to gossip with peers exception when internode encryption is set to any setting other than 'none'

2019-08-26 Thread Michael Carlise
I originally opened this issue on stackoverflow ( https://stackoverflow.com/questions/57516660/cassandra-node-to-node-encryption-throws-unable-to-gossip-with-peers-exception ). However, I haven't gotten any responses in over a week. I'm going to post it here and maybe someone will have an idea on