(prabhkau)
Objet : Re: Issue in internode encryption in cassandra
Hi,
Is any one have any hint regarding node to node encryption .
Regards,
Ashwini Mhatre
From: asmhatre <asmha...@cisco.com<mailto:asmha...@cisco.com>>
Reply-To: "user@cassandra.apache.org<mailto:user@cassandra
o:user@cassandra.apache.org>>
Date: Monday, 25 July 2016 at 4:15 PM
To: "user@cassandra.apache.org<mailto:user@cassandra.apache.org>"
<user@cassandra.apache.org<mailto:user@cassandra.apache.org>>
Subject: Issue in internode encryption in cassandra
I am using i
>
>
> I am using internode encryption in cassandra, with self signed CA it
works fine. but with other product CA m getting this error "Filtering out
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA as it
isnt supported by the socket”
>
You've specified ECDHE_
Compare the output to be certain the same ciphers are available everywhere.
On Mon, Jul 25, 2016 at 4:45 AM Ashwini Mhatre (asmhatre) <
asmha...@cisco.com> wrote:
> Hi ,
>
> I am using internode encryption in cassandra, with self signed CA it works
> fine. but with other pr
Hi ,
I am using internode encryption in cassandra, with self signed CA it works
fine. but with other product CA m getting this error "Filtering out
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA as it
isnt supported by the socket”
Thank you.
Regards,
Ashwini Mhatre
the fact nobody will break
>>> into the box, and if root is lost - all bets are off, that is fine too. But
>>> in this case, what is the point to even have keystore and truststore?
>>>
>>> Thanks,
>>>
>>> Oleg
>>>
>>> On Thu, Jan 14, 2016 at 4:
Greetings,
Guys, can you please help me to understand following:
I'm reading through the way keystore and truststore are implemented, and it
is all fine and great, but at the end Cassandra documentation instructing
to extract all the keystore content and leave all certs and keys in a clear.
Do
will break
into the box, and if root is lost - all bets are off, that is fine too. But
in this case, what is the point to even have keystore and truststore?
Thanks,
Oleg
On Thu, Jan 14, 2016 at 4:38 PM, Jack Krupansky <jack.krupan...@gmail.com>
wrote:
> The point of encryption in
ng - no, we are banking on the fact nobody will break
> into the box, and if root is lost - all bets are off, that is fine too. But
> in this case, what is the point to even have keystore and truststore?
>
> Thanks,
>
> Oleg
>
> On Thu, Jan 14, 2016 at 4:38 PM, Jack Krupansk
The point of encryption in Cassandra is to protect data in flight between
the cluster and clients (or between nodes in the cluster.) The presumption
is that normal system network access control (e.g., remote login, etc.)
will preclude bad actors from directly accessing the file system on a
cluster
The keys don't have to be on the box. You do need a logi/password for c*.
sent from my mobile
Daemeon C.M. Reiydelle
USA 415.501.0198
London +44.0.20.8144.9872
On Jan 14, 2016 5:16 PM, "oleg yusim" wrote:
> Greetings,
>
> Guys, can you please help me to understand
Daemeon,
Can you, please, give me a bit of beef to your idea? I'm not sure I'm fully
on board here.
Thanks,
Oleg
On Thu, Jan 14, 2016 at 4:52 PM, daemeon reiydelle
wrote:
> The keys don't have to be on the box. You do need a logi/password for c*.
>
> sent from my mobile
>
gt; Now, if we are saying - no, we are banking on the fact nobody will break
>> into the box, and if root is lost - all bets are off, that is fine too. But
>> in this case, what is the point to even have keystore and truststore?
>>
>> Thanks,
>>
>> Oleg
>>
I think this is just an oversight; would you mind opening a ticket here?
https://issues.apache.org/jira/browse/CASSANDRA
On Mon, Nov 18, 2013 at 12:37 PM, David Laube d...@stormpath.com wrote:
Hi All,
We have been testing backup/restore from one ring to another and we
recently stumbled upon
Thank you Tyler. I took your advice and I have opened
https://issues.apache.org/jira/browse/CASSANDRA-6378
Best regards,
-David Laube
On Nov 19, 2013, at 9:51 AM, Tyler Hobbs ty...@datastax.com wrote:
I think this is just an oversight; would you mind opening a ticket here?
Hi All,
We have been testing backup/restore from one ring to another and we recently
stumbled upon an issue with sstableloader. When client_enc_enable: true, the
exception below is generated. When client_enc_enable is set to false, the
sstableloader is able to get to the point where it is
16 matches
Mail list logo