Connect to Cassandra Apache with SSL using cassandra-driver in Node.js

Question

I try connect to my Cassandra but I have probably wrongly configured. I run it on localhost. Cassandra has generated certificated and add on. In cqlsh there are no errors with flag --ssl. My fragment code is

var tls = require('tls');
var fs = require('fs');
var options = {
	key : fs.readFileSync('client-key.pem'),
	cert : fs.readFileSync('client-cert.pem'),
	ca : [fs.readFileSync('server-cert.pem')]
};
var client = new cassandra.Client({
		contactPoints : ['127.0.0.1'],
		authProvider : new cassandra.auth.PlainTextAuthProvider('cassandra', 'cassandra'),
		sslOptions : tls.connect(options)
	});

what I'm doing wrong? Please help!

Answer 1

You must specify an Object instance in sslOption property to enable ssl on the driver.

Using your code sample:

var fs = require('fs');
var sslOptions = {
  key : fs.readFileSync('client-key.pem'),
  cert : fs.readFileSync('client-cert.pem'),
  ca : [fs.readFileSync('server-cert.pem')]
};
var client = new cassandra.Client({
  contactPoints : ['127.0.0.1'],
  authProvider : new cassandra.auth.PlainTextAuthProvider('cassandra', 'cassandra'),
  sslOptions : sslOptions
});

If you do not use client certificates, you can just use an empty object instance:

var client = new cassandra.Client({
  contactPoints : ['127.0.0.1'],
  authProvider : new cassandra.auth.PlainTextAuthProvider('cassandra', 'cassandra'),
  sslOptions : {}
});

And it will use the defaults specified in the Node.js tls module.

Answer 2

You should not need to specify tls.connect(options) rather you should just provide options for sslOptions. The driver calls tls.connect with the sslOptions you provide.

If you make this change and still get errors, can you share with me what they are? There are a lot of different factors that can make establishing an ssl connection fail.