(prabhkau)
Objet : Re: Issue in internode encryption in cassandra
Hi,
Is any one have any hint regarding node to node encryption .
Regards,
Ashwini Mhatre
From: asmhatre mailto:asmha...@cisco.com>>
Reply-To: "user@cassandra.apache.org<mailto:user@cassandra.apache.org&
ly 2016 at 4:15 PM
To: "user@cassandra.apache.org<mailto:user@cassandra.apache.org>"
mailto:user@cassandra.apache.org>>
Subject: Issue in internode encryption in cassandra
I am using internode encryption in cassandra, with self signed CA it works
fine. but with ot
>
>
> I am using internode encryption in cassandra, with self signed CA it
works fine. but with other product CA m getting this error "Filtering out
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA as it
isnt supported by the socket”
>
You've specified E
va Ciphers.java
Compare the output to be certain the same ciphers are available everywhere.
On Mon, Jul 25, 2016 at 4:45 AM Ashwini Mhatre (asmhatre) <
asmha...@cisco.com> wrote:
> Hi ,
>
> I am using internode encryption in cassandra, with self signed CA it works
> fine. but wit
Hi ,
I am using internode encryption in cassandra, with self signed CA it works
fine. but with other product CA m getting this error "Filtering out
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA as it
isnt supported by the socket”
Thank you.
Regards,
Ashwini Mhatre
le with passwords from these stores and
>>> keep the key of the box. That is great, and as a security architect I
>>> applaud this.
>>>
>>> Now, if we are saying - no, we are banking on the fact nobody will break
>>> into the box, and if root is lost
anking on the fact nobody will break
>> into the box, and if root is lost - all bets are off, that is fine too. But
>> in this case, what is the point to even have keystore and truststore?
>>
>> Thanks,
>>
>> Oleg
>>
>> On Thu, Jan 14, 2016 at 4:38 PM, J
re banking on the fact nobody will break
> into the box, and if root is lost - all bets are off, that is fine too. But
> in this case, what is the point to even have keystore and truststore?
>
> Thanks,
>
> Oleg
>
> On Thu, Jan 14, 2016 at 4:38 PM, Jack Krupansky
> wrote:
Daemeon,
Can you, please, give me a bit of beef to your idea? I'm not sure I'm fully
on board here.
Thanks,
Oleg
On Thu, Jan 14, 2016 at 4:52 PM, daemeon reiydelle
wrote:
> The keys don't have to be on the box. You do need a logi/password for c*.
>
> sent from my mobile
> Daemeon C.M. Reiydel
The keys don't have to be on the box. You do need a logi/password for c*.
sent from my mobile
Daemeon C.M. Reiydelle
USA 415.501.0198
London +44.0.20.8144.9872
On Jan 14, 2016 5:16 PM, "oleg yusim" wrote:
> Greetings,
>
> Guys, can you please help me to understand following:
>
> I'm reading thro
the fact nobody will break
into the box, and if root is lost - all bets are off, that is fine too. But
in this case, what is the point to even have keystore and truststore?
Thanks,
Oleg
On Thu, Jan 14, 2016 at 4:38 PM, Jack Krupansky
wrote:
> The point of encryption in Cassandra is to prot
The point of encryption in Cassandra is to protect data in flight between
the cluster and clients (or between nodes in the cluster.) The presumption
is that normal system network access control (e.g., remote login, etc.)
will preclude bad actors from directly accessing the file system on a
cluster
Greetings,
Guys, can you please help me to understand following:
I'm reading through the way keystore and truststore are implemented, and it
is all fine and great, but at the end Cassandra documentation instructing
to extract all the keystore content and leave all certs and keys in a clear.
Do I
13 matches
Mail list logo
