Hi Jason If you enable encryption it will be always on. Optional encryption is generally a bad idea (tm). Also always creating a new session every query is also a bad idea (tm) even without the minimal overhead of encryption.
If you are really hell bent on doing this you could have a node that is part of the cluster but has -Dcassandra.join_ring=false set in jvm options in cassandra-env.sh so it does not get any data and configure that to have no encryption enabled. This is known as a fat client. Then connect to that specific node whenever you want to do terrible non encrypted things. Having said all that, please don't do this. Cheers On Tue, 19 Apr 2016 at 15:32 Jason J. W. Williams <jasonjwwilli...@gmail.com> wrote: > Hey Guys, > > Is there a way to make TLS encryption optional for the CQL listener? We'd > like to be able to use for remote management connections but not for same > datacenter usage (since the build/up tear down cost is too high for things > that don't use pools). > > Right now it appears if we enable encryption it requires it for all > connections, which definitely is not what we want. > > -J > -- Ben Bromhead CTO | Instaclustr <https://www.instaclustr.com/> +1 650 284 9692 Managed Cassandra / Spark on AWS, Azure and Softlayer
