Uploaded image for project: 'Apache Cassandra'
  1. Apache Cassandra
  2. CASSANDRA-12773

cassandra-stress error for one way SSL

    XMLWordPrintableJSON

Details

    • Normal

    Description

      CASSANDRA-9325 added keystore/truststore configuration into cassandra-stress. However, for one way ssl (require_client_auth=false), there is no need to pass keystore info into ssloptions. Cassadra-stress errored out:

      java.lang.RuntimeException: java.io.IOException: Error creating the initializing the SSL Context 
      at org.apache.cassandra.stress.settings.StressSettings.getJavaDriverClient(StressSettings.java:200) 
      at org.apache.cassandra.stress.settings.SettingsSchema.createKeySpacesNative(SettingsSchema.java:79) 
      at org.apache.cassandra.stress.settings.SettingsSchema.createKeySpaces(SettingsSchema.java:69) 
      at org.apache.cassandra.stress.settings.StressSettings.maybeCreateKeyspaces(StressSettings.java:207) 
      at org.apache.cassandra.stress.StressAction.run(StressAction.java:55) 
      at org.apache.cassandra.stress.Stress.main(Stress.java:117) 
      Caused by: java.io.IOException: Error creating the initializing the SSL Context 
      at org.apache.cassandra.security.SSLFactory.createSSLContext(SSLFactory.java:151) 
      at org.apache.cassandra.stress.util.JavaDriverClient.connect(JavaDriverClient.java:128) 
      at org.apache.cassandra.stress.settings.StressSettings.getJavaDriverClient(StressSettings.java:191) 
      ... 5 more 
      Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect 
      at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772) 
      at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55) 
      at java.security.KeyStore.load(KeyStore.java:1445) 
      at org.apache.cassandra.security.SSLFactory.createSSLContext(SSLFactory.java:129) 
      ... 7 more 
      Caused by: java.security.UnrecoverableKeyException: Password verification failed 
      at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770) 
      ... 10 more
      

      It's a bug from CASSANDRA-9325. When the keystore is absent, the keystore is assigned to the path of the truststore, but the password isn't taken care.

      Attachments

        1. 12773-2.2.patch
          2 kB
          Stefan Podkowinski

        Issue Links

          Activity

            People

              spod Stefan Podkowinski
              jane.deng@datastax.com Jane Deng
              Stefan Podkowinski
              Robert Stupp
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: