Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-9325

cassandra-stress requires keystore for SSL but provides no way to configure it


    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Fix Version/s: 2.2.6, 3.0.5, 3.5
    • Component/s: Tools
    • Labels:


      Even though it shouldn't be required unless client certificate authentication is enabled, the stress tool is looking for a keystore in the default location of conf/.keystore with the default password of cassandra. There is no command line option to override these defaults so you have to provide a keystore that satisfies the default. It looks for conf/.keystore in the working directory, so you need to create this in the directory you are running cassandra-stress from.It doesn't really matter what's in the keystore; it just needs to exist in the expected location and have a password of cassandra.

      Since the keystore might be required if client certificate authentication is enabled, we need to add -transport parameters for keystore and keystore-password. Ideally, these should be optional and stress shouldn't require the keystore unless client certificate authentication is enabled on the server.

      In case it wasn't apparent, this is for Cassandra 2.1 and later's stress tool. I actually had even more problems getting Cassandra 2.0's stress tool working with SSL and gave up on it. We probably don't need to fix 2.0; we can just document that it doesn't support SSL and recommend using 2.1 instead.


        1. 9325-2.1.patch
          5 kB
          Stefan Podkowinski



            • Assignee:
              spodxx@gmail.com Stefan Podkowinski
              jblangston@datastax.com J.B. Langston
              T Jake Luciani
            • Votes:
              3 Vote for this issue
              7 Start watching this issue


              • Created: