1. 首頁
  2. 問答
  3. 設置安全的cassandra集羣(java.lang.RuntimeException:無法設置安全管道)

設置安全的cassandra集羣(java.lang.RuntimeException:無法設置安全管道)

2017-02-22 106 views
1

我已按照https://github.com/PatrickCallaghan/datastax-ssl-secure-cluster/blob/master/README.md上提及的步驟設置安全的SSL cassandra集羣。我收到與「無法設置安全管道」相同的錯誤。我忽略了網站提到的我的cassandra.yaml密碼套件,但我仍然得到相同的錯誤。設置安全的cassandra集羣(java.lang.RuntimeException:無法設置安全管道)

我cassandra.yaml看起來是這樣的:

client_encryption_options: 
    enabled: true 
    # If enabled and optional is set to true encrypted and unencrypted connections are handled. 
    optional: false 
    keystore: ***/ssl/cassandra3_keystore.jks 
    keystore_password: **** 
    # require_client_auth: false 
    # Set trustore and truststore_password if require_client_auth is true 
    # truststore: conf/.truststore 
    # truststore_password: cassandra 
    # More advanced defaults below: 
    # protocol: TLS 
    # algorithm: SunX509 
    # store_type: JKS 
    cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA]

有人能指導我什麼,我能做什麼呢? 以下是完整的錯誤跟蹤:

Exception (java.lang.RuntimeException) encountered during startup: Failed to setup secure pipeline 
java.lang.RuntimeException: Failed to setup secure pipeline 
    at org.apache.cassandra.transport.Server$AbstractSecureIntializer.<init>(Server.java:354) 
    at org.apache.cassandra.transport.Server$SecureInitializer.<init>(Server.java:411) 
    at org.apache.cassandra.transport.Server.start(Server.java:152) 
    at org.apache.cassandra.service.NativeTransportService$$Lambda$203.0000000040E88830.accept(Unknown Source) 
    at java.util.Collections$SingletonSet.forEach(Collections.java:4778) 
    at org.apache.cassandra.service.NativeTransportService.start(NativeTransportService.java:128) 
    at org.apache.cassandra.service.CassandraDaemon.startNativeTransport(CassandraDaemon.java:633) 
    at org.apache.cassandra.service.CassandraDaemon.start(CassandraDaemon.java:495) 
    at org.apache.cassandra.service.CassandraDaemon.activate(CassandraDaemon.java:600) 
    at org.apache.cassandra.service.CassandraDaemon.main(CassandraDaemon.java:714) 
Caused by: java.io.IOException: Error creating the initializing the SSL Context 
    at org.apache.cassandra.security.SSLFactory.createSSLContext(SSLFactory.java:170) 
    at org.apache.cassandra.transport.Server$AbstractSecureIntializer.<init>(Server.java:350) 
    ... 9 more 
Caused by: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available 
    at sun.security.jca.GetInstance.getInstance(GetInstance.java:171) 
    at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:12) 
    at org.apache.cassandra.security.SSLFactory.createSSLContext(SSLFactory.java:146) 
    ... 10 more 
ERROR 15:36:01 Exception encountered during startup 
java.lang.RuntimeException: Failed to setup secure pipeline 
    at org.apache.cassandra.transport.Server$AbstractSecureIntializer.<init>(Server.java:354) ~[apache-cassandra-3.7.jar:3.7] 
    at org.apache.cassandra.transport.Server$SecureInitializer.<init>(Server.java:411) ~[apache-cassandra-3.7.jar:3.7] 
    at org.apache.cassandra.transport.Server.start(Server.java:152) ~[apache-cassandra-3.7.jar:3.7] 
    at org.apache.cassandra.service.NativeTransportService$$Lambda$203.0000000040E88830.accept(Unknown Source) ~[na:na] 
    at java.util.Collections$SingletonSet.forEach(Collections.java:4778) ~[na:1.8.0-internal] 
    at org.apache.cassandra.service.NativeTransportService.start(NativeTransportService.java:128) ~[apache-cassandra-3.7.jar:3.7] 
    at org.apache.cassandra.service.CassandraDaemon.startNativeTransport(CassandraDaemon.java:633) [apache-cassandra-3.7.jar:3.7] 
    at org.apache.cassandra.service.CassandraDaemon.start(CassandraDaemon.java:495) [apache-cassandra-3.7.jar:3.7] 
    at org.apache.cassandra.service.CassandraDaemon.activate(CassandraDaemon.java:600) [apache-cassandra-3.7.jar:3.7] 
    at org.apache.cassandra.service.CassandraDaemon.main(CassandraDaemon.java:714) [apache-cassandra-3.7.jar:3.7] 
Caused by: java.io.IOException: Error creating the initializing the SSL Context 
    at org.apache.cassandra.security.SSLFactory.createSSLContext(SSLFactory.java:170) ~[apache-cassandra-3.7.jar:3.7] 
    at org.apache.cassandra.transport.Server$AbstractSecureIntializer.<init>(Server.java:350) ~[apache-cassandra-3.7.jar:3.7] 
    ... 9 common frames omitted 
Caused by: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available 
    at sun.security.jca.GetInstance.getInstance(GetInstance.java:171) ~[na:1.8.0-internal] 
    at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:12) ~[na:8.0 build_20150122] 
    at org.apache.cassandra.security.SSLFactory.createSSLContext(SSLFactory.java:146) ~[apache-cassandra-3.7.jar:3.7] 
    ... 10 common frames omitted

來源

2017-02-22 user1692342

+0

什麼是你的'的Java -version'? –

回答

0

您可以通過重寫兩個節點到節點和客戶端節點屬性例如密碼套件避開它 cipher_suites:[TLS_RSA_WITH_AES_128_CBC_SHA]

這是因爲Oracle Java中存在以下問題。 http://www.pathin.org/tutorials/java-cassandra-cannot-support-tls_rsa_with_aes_256_cbc_sha-with-currently-installed-providers/

下載後,您可以將文件複製到服務器上的正確庫。

例如

SCP *根@服務器:/ usr/lib中/ JVM/Java的7-ORACLE/JRE/lib/security中/

來源

2017-05-08 03:04:21 user2364791

相關問題

 相關問題