Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Prconfig properties for Cassandra cluster encryption

Updated on May 17, 2024

This content applies only to On-premises and Client-managed cloud environments

Secure the data transfer between Cassandra nodes and between the client machines and the Cassandra cluster by customizing the prconfig.xml file properties.

Client-to-node encryption properties

Client-to-node encryption protects the data that is transferring from client machines to the Cassandra cluster by using Secure Sockets Layer (SSL).
PropertyDefault valueAvailable values
dnode/cassandra_client_encryptionfalse
  • true
  • false
dnode/cassandra_client_encryption/client_authfalse
  • true
  • false
dnode/cassandra_client_encryption/store_typeThe value of the dnode/cassandra_internode_encryption/store_type property.
  • jks
  • pkcs12
dnode/cassandra_client_encryption/cipher_suitesnullA comma separated list of the TLS_RSA_WITH_AES_128_CBC_SHA ciphers.
dnode/cassandra_client_encryption/algorithmSunX509There are no other available values.
dnode/cassandra_client_encryption/keystoreThe value of the dnode/cassandra_internode_encryption/keystore property.The path to the keystore.
dnode/cassandra_client_encryption/keystore_passwordThe value of the dnode/cassandra_internode_encryption/keystore_password property.Not applicable
dnode/cassandra_client_encryption/truststorenullThe path to the truststore that is used only if you set the dnode/cassandra_client_encryption/client_auth property to true.
dnode/cassandra_client_encryption/truststore_passwordnullNot applicable.

Internode encryption properties

Internode encryption protects data transferring between nodes in the Cassandra cluster by using SSL.
Note:

Starting in Pega Platform version 8.6, the use of an internal Cassandra database is deprecated. On-premises and client-managed cloud systems that have been updated from earlier versions of Pega Platform can continue to use Cassandra in embedded mode. However, to ensure future compatibility, do not create any new environments using embedded Cassandra.

Environment propertyDefault valueAvailable values
dnode/cassandra_internode_encryptionnone
  • none
  • all
  • dc
  • rack
dnode/cassandra_internode_encryption/cipher_suitesnullA comma separated list of the TLS_RSA_WITH_AES_128_CBC_SHA ciphers.
dnode/cassandra_internode_encryption/client_authfalseNot applicable.
dnode/cassandra_internode_encryption/keystoreconf/keystoreThe path to the keystore.
dnode/cassandra_internode_encryption/keystore_passwordcassandraNot applicable.
dnode/cassandra_internode_encryption/store_typeJKS
  • jks
  • pkcs12
dnode/cassandra_internode_encryption/truststoreThe value of dnode/cassandra_internode_encryption/keystore.The path to truststore that is used only if you set the dnode/cassandra_internode_encryption/client_auth property to true.
dnode/cassandra_internode_encryption/truststore_passwordcassandraNot applicable.
  • Previous topic Configuring a Cassandra cluster for external encryption
  • Next topic Creating Java keystores and truststores for Cassandra encryption

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us