Java ssl sockets need to be able to build a chain of trust. So having
either a nodes public cert or the root cert in the truststore works (as you
found out).
To get cassandra to use cypher suites > 128 bit you will need to install
the JCE unlimited strength jurisdiction policy files. You will know
It appears that only adding the CA certificate to the truststore is
sufficient for this.
On Thu, May 22, 2014 at 10:05 AM, Jeremy Jongsma
wrote:
> The docs say that each node needs every other node's certificate in its
> local truststore:
>
>
> http://www.datastax.com/documentation/cassandra/1.
The docs say that each node needs every other node's certificate in its
local truststore:
http://www.datastax.com/documentation/cassandra/1.2/cassandra/security/secureSSLCertificates_t.html
This seems like a bit of a headache for adding nodes to a cluster. How do
others deal with this?
1) If I a
