Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

This content has been archived and is no longer being updated.

Links may not function; however, this content may be relevant to outdated versions of the product.

Prconfig properties for Cassandra cluster encryption

Updated on March 11, 2021

This content applies only to On-premises and Client-managed cloud environments

Secure the data transfer between Cassandra nodes and between the client machines and the Cassandra cluster by customizing the prconfig.xml file properties.

Client-to-node encryption properties

Client-to-node encryption protects the data that is transferring from client machines to the Cassandra cluster by using Secure Sockets Layer (SSL).
PropertyDefault valueAvailable values
  • true
  • false
  • true
  • false
dnode/cassandra_client_encryption/store_typeThe value of the dnode/cassandra_internode_encryption/store_type property.
  • jks
  • pkcs12
dnode/cassandra_client_encryption/cipher_suitesnullA comma separated list of the TLS_RSA_WITH_AES_128_CBC_SHA ciphers.
dnode/cassandra_client_encryption/algorithmSunX509There are no other available values.
dnode/cassandra_client_encryption/keystoreThe value of the dnode/cassandra_internode_encryption/keystore property.The path to the keystore.
dnode/cassandra_client_encryption/keystore_passwordThe value of the dnode/cassandra_internode_encryption/keystore_password property.Not applicable
dnode/cassandra_client_encryption/truststorenullThe path to the truststore that is used only if you set the dnode/cassandra_client_encryption/client_auth property to true.
dnode/cassandra_client_encryption/truststore_passwordnullNot applicable.

Internode encryption properties

Internode encryption protects data transferring between nodes in the Cassandra cluster by using SSL.
Environment propertyDefault valueAvailable values
  • none
  • all
  • dc
  • rack
dnode/cassandra_internode_encryption/cipher_suitesnullA comma separated list of the TLS_RSA_WITH_AES_128_CBC_SHA ciphers.
dnode/cassandra_internode_encryption/client_authfalseNot applicable.
dnode/cassandra_internode_encryption/keystoreconf/keystoreThe path to the keystore.
dnode/cassandra_internode_encryption/keystore_passwordcassandraNot applicable.
  • jks
  • pkcs12
dnode/cassandra_internode_encryption/truststoreThe value of dnode/cassandra_internode_encryption/keystore.The path to truststore that is used only if you set the dnode/cassandra_internode_encryption/client_auth property to true.
dnode/cassandra_internode_encryption/truststore_passwordcassandraNot applicable.
  • Previous topic Configuring a Cassandra cluster for internal encryption
  • Next topic Creating Java keystores and truststores for Cassandra encryption

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us