Saturday, July 2, 2016

How to Enable SSL between WSO2 DSS and Cassandra

1. Connect WSO2 DSS with cassandra using this doc
2. Enable client-node encryption from cassandra.yaml  in <cassandra_home>/conf
client_encryption_options:
    enabled: true
    keystore: [Key store path]
    keystore_password: [Key store password]
    cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA]
2. Restart Cassandra.
3. Please add following tag under <config> tag in dataservice.
<property name="enableSSL">true</property>
4. Install Cassandra certificate to ESB client-truststore.
keytool -import -v -trustcacerts -alias <cert_alias> -file <cert_file> -keystore <ESB_HOME>/repository/resources/security/client-truststore.jks
5. In <ESB_HOME>/bin/wso2server.sh add the following system properties.
    -Dssl.protocol=TLS
    -Dssl.cipher.suites=TLS_RSA_WITH_AES_128_CBC_SHA
    -Dssl.store.type=JKS
    -Dssl.truststore=[Trust store path]
    -Dssl.truststore.password=[Trust store password]
6. Restart the DSS.

No comments:

Post a Comment