Closed raws closed 11 years ago
Hi, I am using Hector client to communicate with cassandra on which client-node encryption is enabled, but when I tried connecting Hector client it gives errors. I set the truststore and password as well in my code but didn't figure out what exactly need to be done to use Hector client to connect to encrypted node. Trying to figure it out from a while, but unsuccessful. Any help will be appreciated.
Thanks, Fatema.
The error which I am getting -
16 [main] INFO me.prettyprint.cassandra.connection.CassandraHostRetryService - Downed Host Retry service started with queue size -1 and retry delay 10s 44 [main] INFO me.prettyprint.cassandra.connection.factory.HThriftClientFactoryImpl - SSL enabled for client<->server communications. 45 [main] INFO me.prettyprint.cassandra.connection.factory.HThriftClientFactoryImpl - Properties: 45 [main] INFO me.prettyprint.cassandra.connection.factory.HThriftClientFactoryImpl - ssl.truststore = /home/fatemabw/.truststore 45 [main] INFO me.prettyprint.cassandra.connection.factory.HThriftClientFactoryImpl - ssl.protocol = TLS 45 [main] INFO me.prettyprint.cassandra.connection.factory.HThriftClientFactoryImpl - ssl.store.type = JKS 45 [main] INFO me.prettyprint.cassandra.connection.factory.HThriftClientFactoryImpl - ssl.cipher.suites = TLS_RSA_WITH_AES_128_CBC_SHA 149 [main] ERROR me.prettyprint.cassandra.connection.HConnectionManager - Could not start connection pool for host 192.168.73.142(192.168.73.142):9160 149 [main] INFO me.prettyprint.cassandra.connection.CassandraHostRetryService - Host detected as down was added to retry queue: 192.168.73.142(192.168.73.142):9160 151 [Hector.me.prettyprint.cassandra.connection.CassandraHostRetryService-1] INFO me.prettyprint.cassandra.connection.factory.HThriftClientFactoryImpl - SSL enabled for client<->server communications. 151 [Hector.me.prettyprint.cassandra.connection.CassandraHostRetryService-1] INFO me.prettyprint.cassandra.connection.factory.HThriftClientFactoryImpl - Properties: 151 [Hector.me.prettyprint.cassandra.connection.CassandraHostRetryService-1] INFO me.prettyprint.cassandra.connection.factory.HThriftClientFactoryImpl - ssl.truststore = /home/fatemabw/.truststore 151 [Hector.me.prettyprint.cassandra.connection.CassandraHostRetryService-1] INFO me.prettyprint.cassandra.connection.factory.HThriftClientFactoryImpl - ssl.protocol = TLS 151 [Hector.me.prettyprint.cassandra.connection.CassandraHostRetryService-1] INFO me.prettyprint.cassandra.connection.factory.HThriftClientFactoryImpl - ssl.store.type = JKS 151 [Hector.me.prettyprint.cassandra.connection.CassandraHostRetryService-1] INFO me.prettyprint.cassandra.connection.factory.HThriftClientFactoryImpl - ssl.cipher.suites = TLS_RSA_WITH_AES_128_CBC_SHA 152 [Hector.me.prettyprint.cassandra.connection.CassandraHostRetryService-1] WARN me.prettyprint.cassandra.connection.CassandraHostRetryService - Downed 192.168.73.142(192.168.73.142):9160 host still appears to be down: Could not get client socket: 239 [main] INFO me.prettyprint.cassandra.service.JmxMonitor - Registering JMX me.prettyprint.cassandra.service_Test Cluster:ServiceType=hector,MonitorType=hector Exception in thread "main" me.prettyprint.hector.api.exceptions.HectorException: All host pools marked down. Retry burden pushed out to client. at me.prettyprint.cassandra.connection.HConnectionManager.getClientFromLBPolicy(HConnectionManager.java:394) at me.prettyprint.cassandra.connection.HConnectionManager.operateWithFailover(HConnectionManager.java:249) at me.prettyprint.cassandra.model.ExecutingKeyspace.doExecuteOperation(ExecutingKeyspace.java:113) at me.prettyprint.cassandra.model.MutatorImpl.execute(MutatorImpl.java:243) at me.prettyprint.cassandra.model.MutatorImpl.insert(MutatorImpl.java:69) at cassandra.Encypted_client_insert.insert(Encypted_client_insert.java:45) at cassandra.Encypted_client_insert.main(Encypted_client_insert.java:85)
@fatemabw, this project is a ruby IRC server. You're looking for https://github.com/hector-client/hector
@jyotty . Sorry for the ignorance of mine. Thanks for redirecting.
Despite supporting SSL connections, Hector doesn't have any way of using an actual valid SSL certificate.
By setting
Hector.ssl_port
, you can specify on which port Hector runs an SSL server, but none of EventMachine's Connection#start_tls options, like:private_key_file
and:cert_chain_file
, are exposed.We could accept a hash of
Hector.ssl_options
and pass them directly toEventMachine::Connection#start_tls
, but I don't like the idea of dumbly exposing EventMachine innards. Plus,Hector.ssl_options
andHector.ssl_port
together is awkward.I'm leaning toward
Hector.ssl_certificate_path
andHector.ssl_certificate_key_path
, with support forPathname
s.