DataStax Help Center

Spark shell with SSL enabled clusters

Summary

When using spark shell with a SSL enabled cluster the client truststore must be set otherwise the shell will not connect to cassandra

Symptoms

The spark shell will show an error like so:

scala> :show schema
java.io.FileNotFoundException: /usr/share/dse/conf/.truststore (No such file or directory)
That entry seems to have slain the compiler.  Shall I replay
your session? I can re-run each line except the last one.
[y/n]
Abandoning crashed session.

Cause

The local node's truststore needs to be set, if not then the client will not be able to connect as it cannot validate the server's SSL certificate against a truststore.

Solution

The cassandra.yaml file will look like this:

# enable or disable client/server encryption.
client_encryption_options:
    enabled: true
    keystore: /etc/dse/clientkeystore
    keystore_password: datastax
    # require_client_auth: false
    # Set trustore and truststore_password if require_client_auth is true
    # truststore: /etc/dse/truststore
    # truststore_password: datastax


Although the comments say when to set the truststore in this particular scenario it is not correct. The cassandra yaml needs to be set like so:

# enable or disable client/server encryption.
client_encryption_options:
    enabled: true
    keystore: /etc/dse/clientkeystore
    keystore_password: datastax
    # require_client_auth: false
    # Set trustore and truststore_password if require_client_auth is true
    truststore: /etc/dse/truststore
    truststore_password: datastax

 

Was this article helpful?
1 out of 2 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk