search

silviucpp / erlcass

High-Performance Erlang Cassandra driver based on DataStax cpp-driver
http://silviucpp.github.io/erlcass
MIT License
75 stars 32 forks source link

How to connect to cluster with SSL? #62

Closed Vkutovoy92 closed 6 months ago

Vkutovoy92 commented 8 months ago

Hi, I'm trying to connect to Amazon Keyspaces and I have to add sf-class2-root.crt certificate and can't understand how. I see 

{ssl, [
        {trusted_certs, CertsList::list()},
        {cert, Cert::binary()},
        {private_key, {PrivateKey::binary(), KeyPassword::binary()}},
        {verify_flags, VerifyFlags::integer()}
       ]
}

but it doesn't work. How to do it?

AWS says that "Amazon Keyspaces requires the use of Transport Layer Security (TLS) to help secure connections with clients." And in other examples like a GO driver it requires just add one param with certificate path. https://docs.aws.amazon.com/keyspaces/latest/devguide/using_go_driver.html

Error is

{{badmatch,{error,<<"Unable to load certificate">>}},
 [{erlcass_cluster,set_options,1,

I made 

 {ssl,
        [
          {cert, <<"/Users/vitalijkutovoj/Documents/sf-class2-root.crt">>},
          {verify_flags, 1}
        ]
      },

And tried different schemes to add it.

silviucpp commented 6 months ago

Unfortunately I don't have access to such cluster to assist you.

Vkutovoy92 commented 6 months ago

Unfortunately I don't have access to such cluster to assist you.

It works without certificate so your driver works fine with AWS Keyspaces. We have been testing it about 1 month.