Is it possible to store an encrypted keystore_password and
truststore_password in the cassandra.yaml?  I see that the defaults
allow cleartext which isn't suitable when negotiating with security
specialists for sign-off of a solution...

From:  http://svn.apache.org/repos/asf/cassandra/trunk/conf/cassandra.yaml

# The passwords used in these options must match the passwords used
when generating
# the keystore and truststore.  For instructions on generating these files, see:
# 
http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CreateKeystore
encryption_options:
    internode_encryption: none
    keystore: conf/.keystore
    keystore_password: cassandra
    truststore: conf/.truststore
    truststore_password: cassandra


-- 
Sasha Dolgy
sasha.do...@gmail.com

Reply via email to