Hi Jai,
so do you generate separate certificate for each node? Why not use one
certificate for all nodes?
Best regards, Vladimir Yudovin,
Winguzone - Hosted Cloud Cassandra
Launch your cluster in minutes.
---- On Mon, 21 Nov 2016 17:25:11 -0500Jai Bheemsen Rao Dhanwada
<jaibheem...@gmail.com> wrote ----
Hello,
I am setting up encryption on one of my cassandra cluster using the below
procedure.
server_encryption_options:
internode_encryption: all
keystore: /etc/keystore
keystore_password: xxxxx
truststore: /etc/truststore
truststore_password: xxxxx
http://docs.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CreateKeystore
However, one difficulty with this approach is whenever I am adding a new node I
had to rolling restart all the C* nodes in the cluster, so that the truststore
is updated with the new server information.
Is there a way to automatically trigger a reload so that the truststore is
updated on the existing machines without restart.
Can someone please help ?
