Open prats84 opened 4 years ago
I’m having this same issue. Can’t speak for @prats84 but in my case, the Cassandra cluster is Amazon MCS, unsure if that makes a difference.
Happy to provide anything that would be helpful for troubleshooting.
I have tried with both Amazon MCS and a separate 3-5 node cluster with SSL enabled on port 9142. The logs for above are for a separate cluster and if required I can add the logs for Amazon MCS as well
I'm having a similar issue however i get blocked before even connecting to AWS Keyspace (MCS) which requires client authentication on TLS1.2.
I'm using RC3
db.janusgraph {
storage {
## Cassandra configuration
# More information at https://docs.janusgraph.org/basics/configuration-reference/#storagecql
backend: cql
port: 9142
hostname: ["cassandra.us-west-2.amazonaws.com"]
# Cassandra authentication (if configured)
username: "[AWS KEYSPACE USERNAME]"
password: "[AWS KEYSPACE PASSWORD]"
cql {
cluster-name: "Amazon Keyspace"
keyspace: thehive
ssl.client-authentication-enabled = "true"
ssl.enabled = "true"
ssl.truststore.location = "/opt/thp_data/files/thp_truststore"
ssl.truststore.password = "password"
}
}
}
I can see the AWS root CA in the truststore using keytool
and permissions are 777 for testing. I've also connected to the Keyspace instance using cqlsh
. Let me know if you'd like me to file a separate bug.
Below is an export of the log
Caused by: java.lang.IllegalArgumentException: Could not instantiate implementation: org.janusgraph.diskstorage.cql.CQLStoreManager
at org.janusgraph.util.system.ConfigurationUtil.instantiate(ConfigurationUtil.java:64)
at org.janusgraph.diskstorage.Backend.getImplementationClass(Backend.java:440)
at org.janusgraph.diskstorage.Backend.getStorageManager(Backend.java:411)
at org.janusgraph.graphdb.configuration.builder.GraphDatabaseConfigurationBuilder.build(GraphDatabaseConfigurationBuilder.java:50)
at org.janusgraph.core.JanusGraphFactory.open(JanusGraphFactory.java:161)
at org.janusgraph.core.JanusGraphFactory.open(JanusGraphFactory.java:132)
at org.janusgraph.core.JanusGraphFactory.open(JanusGraphFactory.java:112)
at org.thp.scalligraph.janus.JanusDatabase$.openDatabase(JanusDatabase.scala:48)
at org.thp.scalligraph.janus.JanusDatabase.<init>(JanusDatabase.scala:69)
at org.thp.scalligraph.janus.JanusDatabase$$FastClassByGuice$$113881e3.newInstance(<generated>)
at com.google.inject.internal.DefaultConstructionProxyFactory$FastClassProxy.newInstance(DefaultConstructionProxyFactory.java:89)
at com.google.inject.internal.ConstructorInjector.provision(ConstructorInjector.java:114)
at com.google.inject.internal.ConstructorInjector.construct(ConstructorInjector.java:91)
at com.google.inject.internal.ConstructorBindingImpl$Factory.get(ConstructorBindingImpl.java:306)
at com.google.inject.internal.ProviderToInternalFactoryAdapter.get(ProviderToInternalFactoryAdapter.java:40)
at com.google.inject.internal.SingletonScope$1.get(SingletonScope.java:168)
at com.google.inject.internal.InternalFactoryToProviderAdapter.get(InternalFactoryToProviderAdapter.java:39)
at com.google.inject.internal.FactoryProxy.get(FactoryProxy.java:62)
at com.google.inject.internal.SingleParameterInjector.inject(SingleParameterInjector.java:42)
at com.google.inject.internal.SingleParameterInjector.getAll(SingleParameterInjector.java:65)
at com.google.inject.internal.ConstructorInjector.provision(ConstructorInjector.java:113)
at com.google.inject.internal.ConstructorInjector.construct(ConstructorInjector.java:91)
at com.google.inject.internal.ConstructorBindingImpl$Factory.get(ConstructorBindingImpl.java:306)
at com.google.inject.internal.ProviderToInternalFactoryAdapter.get(ProviderToInternalFactoryAdapter.java:40)
at com.google.inject.internal.SingletonScope$1.get(SingletonScope.java:168)
at com.google.inject.internal.InternalFactoryToProviderAdapter.get(InternalFactoryToProviderAdapter.java:39)
at com.google.inject.internal.SingleParameterInjector.inject(SingleParameterInjector.java:42)
at com.google.inject.internal.SingleParameterInjector.getAll(SingleParameterInjector.java:65)
at com.google.inject.internal.ConstructorInjector.provision(ConstructorInjector.java:113)
at com.google.inject.internal.ConstructorInjector.construct(ConstructorInjector.java:91)
at com.google.inject.internal.ConstructorBindingImpl$Factory.get(ConstructorBindingImpl.java:306)
at com.google.inject.internal.InjectorImpl$1.get(InjectorImpl.java:1050)
... 20 common frames omitted
Caused by: java.lang.reflect.InvocationTargetException: null
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at org.janusgraph.util.system.ConfigurationUtil.instantiate(ConfigurationUtil.java:58)
... 51 common frames omitted
Caused by: java.lang.IllegalArgumentException: Invalid configuration value for [root.storage.cql.ssl.keystore.location]:
at com.google.common.base.Preconditions.checkArgument(Preconditions.java:164)
at org.janusgraph.diskstorage.configuration.ConfigOption.verify(ConfigOption.java:240)
at org.janusgraph.diskstorage.configuration.ConfigOption.get(ConfigOption.java:232)
at org.janusgraph.diskstorage.configuration.BasicConfiguration.get(BasicConfiguration.java:69)
at org.janusgraph.diskstorage.configuration.Configuration.get(Configuration.java:35)
at org.janusgraph.diskstorage.cql.CQLStoreManager.initializeCluster(CQLStoreManager.java:268)
at org.janusgraph.diskstorage.cql.CQLStoreManager.<init>(CQLStoreManager.java:181)
... 56 common frames omitted
janusgraph does not seem to support Amazon Keyspaces MCS: https://stackoverflow.com/questions/62220244/run-janusgraph-with-aws-keyspace-storage-backend https://stackoverflow.com/questions/61298977/janusgraph-access-amazon-managed-cassandra-from-ec2
I assume that until that is possible, MCS it not supported by Janusgraph and therefor not possible to use with The Hive4.
Not sure why the driver fails back to port 9042 after setting up the connection over TLS on port 9142. I experienced the same issue when testing with Amazon Keyspaces.
Hello everyone. I working on setting up the same configuration with The Hive4 and AWS Keyspaces and came across this issue. Was this ever fixed? I am trying to determine if it is worth my time going down this same path when you cannot still reliably connect TH4 with Keyspaces securely via TLS. Thanks in advance!
Running into the same issues, I would also love to use AWS Keyspaces!!
When Cassandra is in cluster, the default port (9042) cannot be changed. This is a limitation of the current version of Janusagraph (https://lists.lfaidata.foundation/g/janusgraph-users/topic/83600047).
@To-om is there any update on this. I have seen several posts about connecting TheHive to keyspaces. Is this possible? Thanks in advance
Request Type
BUG
Work Environment
Problem Description
Hello, need some help with Cassandra/CQL config fo thehive 4 . I want to implement SSL with CQL. When i try to connect to my cluster, i get the below error. The hostname I have specified is 2x.x.x.9:9142 in the config but when it finds other nodes it adds them with port 9042 instead of 9142.
Steps to Reproduce
Complementary information
Error:
Snippet from application.conf: