Open jamesdehart opened 1 month ago
Hello @jamesdehart,
Feel free to add this. The SSL stuff here was done in conjuction with a user's specific use-case and holes in the implementation are to be expected. Bonus points if you can add tests for this case.
Cheers,
Rhys
I was able to copy and run the module locally and things worked well. I came across a bug that I'm going to post shortly about.
Thanks so much!
SUMMARY
Currently the SSL mode only supports Client verifies server and I would love to add Server verifies client and client verifies server and these updates would also support Server verifies client as well.
ISSUE TYPE
COMPONENT NAME
ADDITIONAL INFORMATION
By adding support for SSLContext.load_cert_chain this would allow for Server verifies client and client verifies server connections to Cassandra. I have a requirement for two way auth when connecting to Cassandra.
When using the below code (With the values for my setup) I get
Output:
from cassandra's
system.log
fileOnce I add in the
ssl_context.load_cert_chain
Everything works. If there is anything missing please let me know. I don't mind adding an MR to add the above.