Configuring a Cassandra cluster for internal encryption
This content applies only to On-premises and Client-managed cloud environments
Protect data that is transferred internally between Decision Data Store (DDS) nodes in Pega Platform by using node-to-node encryption.
- In the
prconfig.xml
file, enable node-to-node encryption by setting the dnode/cassandra_internode_encryption property to true.For more information about theprconfig.xml
file, see Changing node settings by modifying the prconfig.xml file and Downloading a prconfig configuration file for a node. - Configure the remaining
prconfig.xml
settings.For more information about theprconfig.xml
properties for node-to-node encryption, see Prconfig properties for Cassandra cluster encryption. - Create Java keystores and truststores along with SSL certificates.For more information, see Creating Java keystores and truststores for Cassandra encryption.
- Copy the
keystore.shared
andtruststore.shared
files to the external Cassandra directory. - In the
prconfig.xml
andcassandra.yaml
files, update the configuration with the file paths and passwords to the certificates. - Restart Pega Platform for the changes to take effect.
Previous topic Creating Cassandra user roles with limited database access Next topic Prconfig properties for Cassandra cluster encryption