DataStax Help Center

Configuring the DSE Solr HTTP/HTTPS port for customised settings


DSE Solr makes use of an embedded apache tomcat webserver. The settings for the web server are all configured as part of the DSE install and setup. Tomcat uses HTTP connectors to allow incoming HTTP / HTTPS connections and DSE will configure these as required with default settings.

In some cases there may be a requirement to deviate from the default settings, a good example is where there is a requirement to alter SSL cipher settings to disable weaker ciphers as part of security requirements.

This note discusses how this is achieved and should help as a guide to configuring other settings for the default DSE Solr HTTP port.


The tomcat HTTP connector settings reside in the server.xml file which is located as follows:

In package installs you'll find it under /usr/share/dse/tomcat/conf

In tarball installs its under <dse home>/resources/tomcat/conf/

The server.xml file is quite well commented. Note the comments informing the user that once a connector is configured in here then DSE will not automatically manage the connector settings.

Example of a connector configured for SSL with a required SSL Cipher:

<Connector port="8900" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="SSL"

Once the configuration is done then restart DSE.


If using SSL it can be easily tested with openssl s_client. The example below shows the port being tested with a non-compliant cipher and being rejected

$ openssl s_client -connect -cipher RC4-SHA
140699447514952:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:744:
no peer certificate available
No client certificate CA names sent
SSL handshake has read 7 bytes and written 101 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE


Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request


Powered by Zendesk