Astyanax和Cassandra之間的安全通信

Question

有沒有人想出一種方法來保護Cassandra和Astyanax客戶端之間的通信？ SSL最好能夠做到客戶端證書身份驗證+加密...

Answer 1

我會假設你已經啓用了SSL的卡桑德拉和具有密鑰庫文件，如果沒有充分博客上enabling SSL in Astyanax here.

當您構建Keyspace上下文時，您需要將密鑰庫文件和密碼傳遞給Astyanax：

AstyanaxContext<Keyspace> ctx = new AstyanaxContext.Builder() 
    .forKeyspace("MyKeyspace") 
    // Config parameters 
    .withConnectionPoolConfiguration(
     new com.netflix.astyanax.connectionpool.impl.ConnectionPoolConfigurationImpl("MyConnectionPool") 
     .setSeeds("127.0.0.1") 
     .setSSLConnectionContext(
      new SSLConnectionContext(
      "/path/to/certificate/cassandra_external_trust.jks", // tell Astyanax the fully qualified path to the keystore file C* is using 
      "somePassword")))         // supply the keystore file's password too 
    .buildKeyspace(ThriftFamilyFactory.getInstance()); 
ctx.start();