Hi,
I didn't try, but I guess it's possible.
Look at conf/cassandra-env.sh in latest versions:
JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.ssl=false"
# JVM_OPTS="$JVM_OPTS -Djavax.net.ssl.keyStore=/path/to/keystore"
# JVM_OPTS="$JVM_OPTS
-Djavax.net.ssl.keyStorePassword=keystore-password"
# JVM_OPTS="$JVM_OPTS -Djavax.net.ssl.trustStore=/path/to/truststore"
# JVM_OPTS="$JVM_OPTS
-Djavax.net.ssl.trustStorePassword=truststore-password"
# JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.ssl.need.client.auth=true"
# JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.registry.ssl=true"
# JVM_OPTS="$JVM_OPTS
-Dcom.sun.management.jmxremote.ssl.enabled.protocols=enabled-protocols"
# JVM_OPTS="$JVM_OPTS
-Dcom.sun.management.jmxremote.ssl.enabled.cipher.suites=enabled-cipher-suites"
You see ssl and keystore options.
The same in 2.0.17, the only SSL option is:
JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.ssl=false"
Though this config file fo version 2.0 doesn't contain keystore options I think
it's worth to try to add them in v2.0. enable SSL and check whether it works.
Best regards, Vladimir Yudovin,
Winguzone - Hosted Cloud Cassandra on Azure and SoftLayer.
Launch your cluster in minutes.
On Wed, 12 Oct 2016 08:08:34 -0400Amit Singh F
amit.f.si...@ericsson.com wrote
Hi All,
I was looking through the documentation of Security in C* 2.0, I noticed that
there is no such mention of Jconsole over SSL whereas in latest 3.x doc, I can
spot that :
http://docs.datastax.com/en/cassandra_win/3.0/cassandra/configuration/secureJconsoleSSL.html
so what I can infer from this is that only in C* 3.x, we can secure Jconsole
over SSL?
Also in C* 2.0 , SSL can only be used by clients except nodetool,jconsole ?
Please correct me if I am on wrong way .
Regards
Amit Singh
Datastax Certified Developer
