如何使用最新版本的java驱动核心连接到任何支持SSL的Cassandra群集
我的群集具有以下配置如何使用最新版本的java驱动核心连接到任何支持SSL的Cassandra群集,cassandra,datastax-java-driver,Cassandra,Datastax Java Driver,我的群集具有以下配置 protocol: TLS algorithm: SunX509 store_type: JKS 下面是正在工作的3.4Java驱动程序的代码 Cluster.builder() .addContactPoints(hostNameList) .withCredentials(username, password) .withPort(port)
protocol: TLS
algorithm: SunX509
store_type: JKS
下面是正在工作的3.4Java驱动程序的代码
Cluster.builder()
.addContactPoints(hostNameList)
.withCredentials(username, password)
.withPort(port)
.withSSL(getSslOptions()).build().connect();
类似地,我尝试使用4.5 java驱动程序,但遇到错误-com.datastax.oss.driver.api.core.AllNodesFailedException:无法到达任何联系点
代码
我需要一种通用方法,这就是为什么我不传递密钥库细节的原因
private static SSLOptions getSslOptions() throws NoSuchAlgorithmException, KeyManagementException {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, new TrustManager[]{new TrustAllX509TrustManager()}, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier((string, ssls) -> true);
return RemoteEndpointAwareJdkSSLOptions.builder().withSSLContext(sc).build();
}
public class TrustAllX509TrustManager implements X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
CqlSession.builder()
.withAuthCredentials(username, password)
.addContactPoints(Arrays.stream(hostNameList).map(host -> new InetSocketAddress(host, port)).collect(Collectors.toList()))
.withSslContext(getSslContext()).build();
private SSLContext getSslContext() throws NoSuchAlgorithmException, KeyManagementException {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, new TrustManager[]{new TrustAllX509TrustManager()}, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier((string, ssls) -> true);
return sc;
}