Cassandra客户端程序不使用NettySSLOptions
我引用此链接是为了在带有OpenSSL选项的SSL上使用datastax驱动程序3.0.0实现一个简单的Cassandra客户端,但无法运行它 在第行获取通用异常为Cassandra客户端程序不使用NettySSLOptions,ssl,cassandra,openssl,datastax-java-driver,Ssl,Cassandra,Openssl,Datastax Java Driver,我引用此链接是为了在带有OpenSSL选项的SSL上使用datastax驱动程序3.0.0实现一个简单的Cassandra客户端,但无法运行它 在第行获取通用异常为com.datastax.driver.core.exceptions.NoHostAvailableException mySession = myCluster.connect(); 下面是设置群集连接的代码段 public void connectToCluster() { String[] t
com.datastax.driver.core.exceptions.NoHostAvailableExceptionmySession = myCluster.connect();
public void connectToCluster()
{
String[] theCassandraHosts = {"myip"};
myCluster =
Cluster.builder().withSSL(getSSLOption())
.withReconnectionPolicy(new ConstantReconnectionPolicy(2000))
.addContactPoints(theCassandraHosts).withPort(10742)
.withCredentials("username", "password")
.withLoadBalancingPolicy(DCAwareRoundRobinPolicy.builder().build())
.withSocketOptions(new SocketOptions()
.setConnectTimeoutMillis(800).setKeepAlive(true)).build();
try {
mySession = myCluster.connect();
}
catch(Exception e) {
e.printStackTrace();
}
System.out.println("Session Established");
}
private SSLOptions getSSLOption()
{
InputStream trustStore = null;
try
{
String theTrustStorePath = "/var/opt/SecureInterface/myTrustStore.jks";
String theTrustStorePassword = "mypassword";
List<String> theCipherSuites = new ArrayList<String>();
theCipherSuites.add("TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384");
KeyStore ks = KeyStore.getInstance("JKS");
trustStore = new FileInputStream(theTrustStorePath);
ks.load(trustStore, theTrustStorePassword.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ks);
SslContextBuilder builder =
SslContextBuilder.forClient()
.sslProvider(SslProvider.OPENSSL)
.trustManager(tmf)
.ciphers(theCipherSuites)
// only if you use client authentication
.keyManager(new File("/var/opt/SecureInterface/keystore/Cass.crt"),
new File("/var/opt/SecureInterface/keystore/Cass_enc.key"));
SSLOptions sslOptions = new NettySSLOptions(builder.build());
return sslOptions;
}
catch (Exception e)
{
e.printStackTrace();
}
finally
{
try
{
trustStore.close();
}
catch (IOException e)
{
e.printStackTrace();
}
}
return null;
}
public void connectToCluster()
{
字符串[]theCassandraHosts={“myip”};
myCluster=
Cluster.builder().withSSL(getSSLOption())
.使用重新连接策略(新ConstantReconnectionPolicy(2000))
.添加触点(卡桑德拉霍斯)。带端口(10742)
.withCredentials(“用户名”、“密码”)
.WithLoadBalancePolicy(dcawarRoundRobinPolicy.builder().build())
.带插座选项(新插座选项()
.setConnectTimeoutMillis(800).setKeepAlive(true)).build();
试一试{
mySession=myCluster.connect();
}
捕获(例外e){
e、 printStackTrace();
}
System.out.println(“会话已建立”);
}
私有SSLOptions getSSLOption()
{
InputStream trustStore=null;
尝试
{
字符串theTrustStorePath=“/var/opt/SecureInterface/myTrustStore.jks”;
字符串theTrustStorePassword=“mypassword”;
列出iPhone套件=新的ArrayList();
添加(“TLS_ECDHE_RSA_,带AES_256_GCM_SHA384”);
KeyStore ks=KeyStore.getInstance(“JKS”);
信任库=新文件输入流(信任库路径);
load(信任库,信任库密码.tocharray());
TrustManagerFactory tmf=TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(ks);
SslContextBuilder=
SslContextBuilder.forClient()
.sslProvider(sslProvider.OPENSSL)
.trustManager(tmf)
.密码(iPhone套件)
//仅当您使用客户端身份验证时
.keyManager(新文件(“/var/opt/SecureInterface/keystore/Cass.crt”),
新文件(“/var/opt/SecureInterface/keystore/Cass_enc.key”);
SSLOptions SSLOptions=新的NetySloptions(builder.build());
回归发展;
}
捕获(例外e)
{
e、 printStackTrace();
}
最后
{
尝试
{
trustStore.close();
}
捕获(IOE异常)
{
e、 printStackTrace();
}
}
返回null;
}
是否有人为Cassandra客户端应用程序实现了NettySSLOptions?您是否尝试过驱动程序的3.5.0版(检查)?您是否使用SSL身份验证?或者您只需要加密连接?我使用的是3.0.0驱动程序。我正在使用SSL身份验证进行服务器和客户端验证。我建议切换到最新版本。3.0.0是3.x分支的第一个版本。。。另外,我问的是身份验证,而不是验证。谢谢Alex的推荐。将尝试3.0.5,但它使用RemoteEndpointAwarenettySloptions。SSL身份验证是什么意思?身份验证我的意思是用户信息取自证书