Hi Ashwini, On all my nodes, I’m installing the additional jce policy https://support.datastax.com/hc/en-us/articles/204226129-Receiving-error-Caused-by-java-lang-IllegalArgumentException-Cannot-support-TLS-RSA-WITH-AES-256-CBC-SHA-with-currently-installed-providers-on-DSE-startup-after-setting-up-client-to-node-encryption
Then I’m generating one key / certificate on each of my node, exporting public part and store it in a truststore of other nodes and configure cassandra.yaml Datastax documentation is pretty clear : https://docs.datastax.com/en/cassandra/2.1/cassandra/security/secureSSLCertificates_t.html https://docs.datastax.com/en/cassandra/2.1/cassandra/security/secureSSLNodeToNode_t.html Hope its helps, Regards, De : Ashwini Mhatre (asmhatre) [mailto:asmha...@cisco.com] Envoyé : mercredi 3 août 2016 12:25 À : user@cassandra.apache.org Cc : Keshava H P (kehp); PRABHJOT KAUR (prabhkau) Objet : Re: Issue in internode encryption in cassandra Hi, Is any one have any hint regarding node to node encryption . Regards, Ashwini Mhatre From: asmhatre <asmha...@cisco.com<mailto:asmha...@cisco.com>> Reply-To: "user@cassandra.apache.org<mailto:user@cassandra.apache.org>" <user@cassandra.apache.org<mailto:user@cassandra.apache.org>> Date: Monday, 25 July 2016 at 4:15 PM To: "user@cassandra.apache.org<mailto:user@cassandra.apache.org>" <user@cassandra.apache.org<mailto:user@cassandra.apache.org>> Subject: Issue in internode encryption in cassandra I am using internode encryption in cassandra, with self signed CA it works fine. but with other product CA m getting this error "Filtering out TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA as it isnt supported by the socket”
