Skip to main content

 –

Prconfig properties for Cassandra cluster encryption

Suggest edit Updated on May 28, 2021

Secure the data transfer between Cassandra nodes and between the client machines and the Cassandra cluster by customizing the prconfig.xml file properties.

Client-to-node encryption properties

Client-to-node encryption protects the data that is transferring from client machines to the Cassandra cluster by using Secure Sockets Layer (SSL).
PropertyDefault valueAvailable values
dnode/cassandra_client_encryptionfalse
  • true
  • false
dnode/cassandra_client_encryption/client_authfalse
  • true
  • false
dnode/cassandra_client_encryption/store_typeThe value of the dnode/cassandra_internode_encryption/store_type property.
  • jks
  • pkcs12
dnode/cassandra_client_encryption/cipher_suitesnullA comma separated list of the TLS_RSA_WITH_AES_128_CBC_SHA ciphers.
dnode/cassandra_client_encryption/algorithmSunX509There are no other available values.
dnode/cassandra_client_encryption/keystoreThe value of the dnode/cassandra_internode_encryption/keystore property.The path to the keystore.
dnode/cassandra_client_encryption/keystore_passwordThe value of the dnode/cassandra_internode_encryption/keystore_password property.Not applicable
dnode/cassandra_client_encryption/truststorenullThe path to the truststore that is used only if you set the dnode/cassandra_client_encryption/client_auth property to true.
dnode/cassandra_client_encryption/truststore_passwordnullNot applicable.

Internode encryption properties

Internode encryption protects data transferring between nodes in the Cassandra cluster by using SSL.Note:

Starting in Pega Platform 8.6, the use of an internal Cassandra database is deprecated. On-premises systems that have been updated from earlier versions of Pega Platform can continue to use Cassandra in embedded mode. However, to ensure future compatibility, do not create any new environments using embedded Cassandra.

Environment propertyDefault valueAvailable values
dnode/cassandra_internode_encryptionnone
  • none
  • all
  • dc
  • rack
dnode/cassandra_internode_encryption/cipher_suitesnullA comma separated list of the TLS_RSA_WITH_AES_128_CBC_SHA ciphers.
dnode/cassandra_internode_encryption/client_authfalseNot applicable.
dnode/cassandra_internode_encryption/keystoreconf/keystoreThe path to the keystore.
dnode/cassandra_internode_encryption/keystore_passwordcassandraNot applicable.
dnode/cassandra_internode_encryption/store_typeJKS
  • jks
  • pkcs12
dnode/cassandra_internode_encryption/truststoreThe value of dnode/cassandra_internode_encryption/keystore.The path to truststore that is used only if you set the dnode/cassandra_internode_encryption/client_auth property to true.
dnode/cassandra_internode_encryption/truststore_passwordcassandraNot applicable.
Did you find this content helpful? YesNo

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Ready to crush complexity?

Experience the benefits of Pega Community when you log in.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us