eevans cassandra-ca-manager

License: Apache License 2.0

Language: Python

cassandra-ca-manager

Easily create Java keystores with a self-signed CA trust chain, for Apache Cassandra (and other Java applications).

Usage

Step 1.

Create a YAML-formatted manifest describing the certificate authority and machine certificates.

    # The top-level working directory
    base_directory: /path/to/base/directory

    # The Certificate Authority
    authority:
      key:
        size: 2048
      cert:
        subject:
          organization: WMF
          country: US
          unit: Services
        valid: 365
      password: qwerty

    # Java keystores
    keystores:
      - name: restbase1001-a
        key:
          size: 2048
        cert:
          subject:
            organization: WMF
            country: US
            unit: Services
          valid: 365
        password: qwerty

      - name: restbase1001-b
        key:
          size: 2048
        cert:
          subject:
            organization: WMF
            country: US
            unit: Services
          valid: 365
        password: qwerty
    
      - name: restbase1002-a
        key:
          size: 2048
        cert:
          subject:
            organization: WMF
            country: US
            unit: Services
          valid: 365
        password: qwerty

Step 2.

Run the script with the manifest as its only argument:

    $ cassandra-ca-manager manifest.yaml
    $ tree /path/to/base/directory
    /path/to/base/directory
    ├── restbase1001-a
    │   ├── restbase1001-a.crt
    │   ├── restbase1001-a.csr
    │   └── restbase1001-a.kst
    ├── restbase1001-b
    │   ├── restbase1001-b.crt
    │   ├── restbase1001-b.csr
    │   └── restbase1001-b.kst
    ├── restbase1002-a
    │   ├── restbase1002-a.crt
    │   ├── restbase1002-a.csr
    │   └── restbase1002-a.kst
    ├── rootCa.crt
    ├── rootCa.key
    ├── rootCa.srl
    └── truststore

    3 directories, 13 files

Note: cassandra-ca-manager is idempotent; it will not overwrite any existing material in the base directory. To create additional keystores later, add their definitions to the manifest and re-run the script.

Step 3.

Copy the resulting truststore and *.kst files to their respective machines, and configure server and/or client encryption accordingly.
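Before copying anything in Step 3, the manifest and the generated tree can be checked for weak settings and exposed key material. This is an added example, not part of cassandra-ca-manager: the function names and the two policy thresholds are assumptions, and the manifest is passed as the mapping a YAML loader such as `yaml.safe_load` would return.

```python
import os
import stat

# Per-keystore files, as shown in the tree listing above.
PER_KEYSTORE = (".crt", ".csr", ".kst")
MIN_KEY_BITS = 2048      # assumption: local policy floor
MIN_PASSWORD_LEN = 12    # assumption: local policy floor


def audit_manifest(manifest):
    """Flag small keys and short or reused passwords in a parsed manifest."""
    findings = []
    entries = [("authority", manifest["authority"])]
    entries += [(k["name"], k) for k in manifest.get("keystores", [])]
    first_user = {}  # password -> first entry that used it
    for name, entry in entries:
        if entry["key"]["size"] < MIN_KEY_BITS:
            findings.append(f"{name}: key size below {MIN_KEY_BITS}")
        pw = str(entry["password"])
        if len(pw) < MIN_PASSWORD_LEN:
            findings.append(f"{name}: password shorter than {MIN_PASSWORD_LEN}")
        if pw in first_user:
            findings.append(f"{name}: password shared with {first_user[pw]}")
        first_user.setdefault(pw, name)
    return findings


def audit_output(manifest):
    """Flag missing artifacts and group/other access on private key material."""
    base = manifest["base_directory"]
    findings = []
    private = [os.path.join(base, "rootCa.key")]
    expected = [os.path.join(base, f) for f in ("rootCa.crt", "rootCa.key", "truststore")]
    for ks in manifest.get("keystores", []):
        n = ks["name"]
        expected += [os.path.join(base, n, n + s) for s in PER_KEYSTORE]
        private.append(os.path.join(base, n, n + ".kst"))
    for path in expected:
        rel = os.path.relpath(path, base)
        if not os.path.exists(path):
            findings.append(f"missing: {rel}")
        elif path in private and stat.S_IMODE(os.stat(path).st_mode) & 0o077:
            findings.append(f"group/other access: {rel}")
    return findings
```

Run against the sample manifest above, `audit_manifest` reports the short `qwerty` password on every entry and its reuse between the CA and each keystore; findings never include the password itself.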
