Prconfig properties for Cassandra cluster encryption
This content applies only to On-premises and Client-managed cloud environments
Secure the data transfer between Cassandra nodes and between the client machines and
the Cassandra cluster by customizing the prconfig.xml
file
properties.
Client-to-node encryption properties
Property | Default value | Available values |
dnode/cassandra_client_encryption | false |
|
dnode/cassandra_client_encryption/client_auth | false |
|
dnode/cassandra_client_encryption/store_type | The value of the dnode/cassandra_internode_encryption/store_type property. |
|
dnode/cassandra_client_encryption/cipher_suites | null | A comma separated list of the TLS_RSA_WITH_AES_128_CBC_SHA ciphers. |
dnode/cassandra_client_encryption/algorithm | SunX509 | There are no other available values. |
dnode/cassandra_client_encryption/keystore | The value of the dnode/cassandra_internode_encryption/keystore property. | The path to the keystore. |
dnode/cassandra_client_encryption/keystore_password | The value of the dnode/cassandra_internode_encryption/keystore_password property. | Not applicable |
dnode/cassandra_client_encryption/truststore | null | The path to the truststore that is used only if you set the dnode/cassandra_client_encryption/client_auth property to true. |
dnode/cassandra_client_encryption/truststore_password | null | Not applicable. |
Internode encryption properties
Environment property | Default value | Available values |
dnode/cassandra_internode_encryption | none |
|
dnode/cassandra_internode_encryption/cipher_suites | null | A comma separated list of the TLS_RSA_WITH_AES_128_CBC_SHA ciphers. |
dnode/cassandra_internode_encryption/client_auth | false | Not applicable. |
dnode/cassandra_internode_encryption/keystore | conf/keystore | The path to the keystore. |
dnode/cassandra_internode_encryption/keystore_password | cassandra | Not applicable. |
dnode/cassandra_internode_encryption/store_type | JKS |
|
dnode/cassandra_internode_encryption/truststore | The value of dnode/cassandra_internode_encryption/keystore. | The path to truststore that is used only if you set the dnode/cassandra_internode_encryption/client_auth property to true. |
dnode/cassandra_internode_encryption/truststore_password | cassandra | Not applicable. |
Previous topic Configuring a Cassandra cluster for internal encryption (deprecated) Next topic Creating Java keystores and truststores for Cassandra encryption