Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/336.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java Cassandra:如何设置客户端到节点的加密?_Java_Ssl_Cassandra - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java Cassandra:如何设置客户端到节点的加密?

Java Cassandra:如何设置客户端到节点的加密?

java ssl cassandra

Java Cassandra:如何设置客户端到节点的加密?,java,ssl,cassandra,Java,Ssl,Cassandra,我已经使用DataStax设置了Cassandra客户端到节点的加密 cassandra.yaml文件中的客户端描述选项: client_encryption_options: enabled: true keystore: /opt/key/.keystore keystore_password: cassandra cipher_suites:[TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC

我已经使用DataStax设置了Cassandra客户端到节点的加密

cassandra.yaml文件中的客户端描述选项:

 client_encryption_options:
    enabled: true
    keystore: /opt/key/.keystore
    keystore_password: cassandra
    cipher_suites:[TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
使用SSL默认Java系统属性的客户端:

-Djavax.net.ssl.trustStore=/opt/app/conf/.truststore -Djavax.net.ssl.trustStorePassword=cassandra
但连接后,Cassandra日志中出现错误:

INFO [Native-Transport-Requests:12] 2015-02-11 11:45:52,456 Message.java (line 397) Unexpected exception during request; channel = [id: 0xfb3df0e3, /192.168.43.13:32885 => /192.168.43.10:9042]
org.jboss.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record: 01000001000000160001000b43514c5f56455253494f4e0005332e302e30
at org.jboss.netty.handler.ssl.SslHandler.decode(SslHandler.java:871)
at org.jboss.netty.handler.codec.frame.FrameDecoder.callDecode(FrameDecoder.java:425)
at org.jboss.netty.handler.codec.frame.FrameDecoder.messageReceived(FrameDecoder.java:303)
at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:268)
at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:255)
at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:88)
at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:109)
at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:312)
at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:90)
at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
我正在使用Cassandra 2.0.10.71、Java 1.7.0_75和Java加密扩展libs这是一条信息消息,表明您的Cassandra节点已设置了无ssl包。似乎有东西试图连接到您的Cassandra节点

查看引发异常的Netty java文件的源代码。 org.jboss.netty.handler.ssl.SslHandler.decode(SslHandler.java:871)

您是否已验证发送的是加密数据?此错误基本上表示数据包未使用SSL(v2或v3)或TLS协议进行加密。能否将cqlsh设置为客户端,并查看是否可以使其正常工作。我倾向于在客户端而不是服务器端出现问题。 
  if (nonSslRecord) {
       // Not an SSL/TLS packet
        NotSslRecordException e = new NotSslRecordException(
        "not an SSL/TLS record: " + ByteBufUtil.hexDump(in));
        in.skipBytes(in.readableBytes());
            ctx.fireExceptionCaught(e);
            setHandshakeFailure(ctx, e);
   }

http://grepcode.com/file/repo1.maven.org/maven2/io.netty/netty-handler/4.0.30.Final/io/netty/handler/ssl/SslHandler.java#SslHandler