Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Securing Cassandra communication with TLS/SSL

Tags:

ssl

cassandra

We would like to protect the Cassandra against man-in-the-middle attacks. Is there any way to configure Cassandra in a way that the client-server and server-server (replication) communications are SSL encrypted?

thank you

like image 505
akouzmit Avatar asked Jun 30 '10 13:06

akouzmit


People also ask

Does Cassandra support TLS?

In Apigee hybrid, TLS is enabled by default for any communication between Cassandra nodes and between clients and Cassandra nodes.

Is Cassandra data encrypted?

Amazon Keyspaces (for Apache Cassandra) encryption at rest provides enhanced security by encrypting all your data at rest using encryption keys stored in AWS Key Management Service (AWS KMS) . This functionality helps reduce the operational burden and complexity involved in protecting sensitive data.

Is Cassandra secure?

TLS/SSL EncryptionCassandra provides secure communication between a client machine and a database cluster and between nodes within a cluster. Enabling encryption ensures that data in flight is not compromised and is transferred securely.


2 Answers

short answer: no :)

For client - server : THRIFT-151

Edit: You might want to follow this thread on the ML

like image 54
Schildmeijer Avatar answered Oct 05 '22 03:10

Schildmeijer


Encrypted server server communication seems to be available now:

https://issues.apache.org/jira/browse/CASSANDRA-1567
Provide configurable encryption support for internode communication

Resolution: Fixed
Fix Version/s: 0.8 beta 1
Resolved: 19/Jan/11 18:11

like image 30
KajMagnus Avatar answered Oct 05 '22 03:10

KajMagnus