Skip to main content

This content has been archived and is no longer being updated.

Links may not function; however, this content may be relevant to outdated versions of the product.

Prconfig properties for Cassandra cluster encryption

Suggest edit
Updated on April 5, 2022

This content applies only to On-premises and Client-managed cloud environments

Secure the data transfer between Cassandra nodes and between the client machines and the Cassandra cluster by customizing the prconfig.xml file properties.

Client-to-node encryption properties

Client-to-node encryption protects the data that is transferring from client machines to the Cassandra cluster by using Secure Sockets Layer (SSL).
PropertyDefault valueAvailable values
dnode/cassandra_client_encryptionfalse
  • true
  • false
dnode/cassandra_client_encryption/client_authfalse
  • true
  • false
dnode/cassandra_client_encryption/store_typeThe value of the dnode/cassandra_internode_encryption/store_type property.
  • jks
  • pkcs12
dnode/cassandra_client_encryption/cipher_suitesnullA comma separated list of the TLS_RSA_WITH_AES_128_CBC_SHA ciphers.
dnode/cassandra_client_encryption/algorithmSunX509There are no other available values.
dnode/cassandra_client_encryption/keystoreThe value of the dnode/cassandra_internode_encryption/keystore property.The path to the keystore.
dnode/cassandra_client_encryption/keystore_passwordThe value of the dnode/cassandra_internode_encryption/keystore_password property.Not applicable
dnode/cassandra_client_encryption/truststorenullThe path to the truststore that is used only if you set the dnode/cassandra_client_encryption/client_auth property to true.
dnode/cassandra_client_encryption/truststore_passwordnullNot applicable.

Internode encryption properties

Internode encryption protects data transferring between nodes in the Cassandra cluster by using SSL.
Environment propertyDefault valueAvailable values
dnode/cassandra_internode_encryptionnone
  • none
  • all
  • dc
  • rack
dnode/cassandra_internode_encryption/cipher_suitesnullA comma separated list of the TLS_RSA_WITH_AES_128_CBC_SHA ciphers.
dnode/cassandra_internode_encryption/client_authfalseNot applicable.
dnode/cassandra_internode_encryption/keystoreconf/keystoreThe path to the keystore.
dnode/cassandra_internode_encryption/keystore_passwordcassandraNot applicable.
dnode/cassandra_internode_encryption/store_typeJKS
  • jks
  • pkcs12
dnode/cassandra_internode_encryption/truststoreThe value of dnode/cassandra_internode_encryption/keystore.The path to truststore that is used only if you set the dnode/cassandra_internode_encryption/client_auth property to true.
dnode/cassandra_internode_encryption/truststore_passwordcassandraNot applicable.
  • Previous topic Configuring a Cassandra cluster for external encryption
  • Next topic Creating Java keystores and truststores for Cassandra encryption
Did you find this content helpful? YesNo

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us