Versions Compared

Old Version 8

changes.mady.by.user Former user

Saved on

compared with

New Version 9

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Download and install appropriate java security libraries (JCE libraries) into <JRE_HOME>/lib/security/ directory.

  2. Add the following configurations under client_encryption_options in <PRODUCT _HOME>/repository/conf/etc/the cassandra.yaml file of the external Cassandra instance(s):

    Code Block
    languagetext
    client_encryption_options: 
    enabled: true 
    keystore: [Key Store Path] 
    keystore_password: [Key Store Password] 
    require_client_auth: false 
    # Set trustore and truststore_password if require_client_auth is true 
    # truststore: [Trust Store Path] 
    # truststore_password: [Trust Store Password] 
    # More advanced defaults below: 
    protocol: SSL 
    algorithm: SunX509 
    store_type: JKS 
    cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA]
  3. If the Cassandra connection is successfully secured,  you will see the message below in the Cassandra server startup.

  4.  Add the following client side (Hector) system property configurations in <PRODUCT_HOME>/bin/wso2server.sh file and start WSO2 BAM server:

    Code Block
    languagetext
    -Dssl.protocol=TLS
-Dssl.cipher.suites=TLS_RSA_WITH_AES_256_CBC_SHA
-Dssl.store.type=JKS
-Dssl.truststore=[Trust store path]
-Dssl.truststore.password=[Trust store password]

...