Unknown macro: {next_previous_link3}
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 9 Current »

Follow the steps below to secure the data connection between Hive/Hadoop in WSO2 BAM and Cassandra server.

You can use the following instructions for external Cassandra instances.

  1. Download and install appropriate java security libraries (JCE libraries) into <JRE_HOME>/lib/security/ directory.
  2. Add the following configurations under client_encryption_options in the cassandra.yaml file of the external Cassandra instance(s):

    client_encryption_options: 
        enabled: true 
        keystore: [Key Store Path] 
        keystore_password: [Key Store Password] 
        require_client_auth: false 
        # Set trustore and truststore_password if require_client_auth is true 
        # truststore: [Trust Store Path] 
        # truststore_password: [Trust Store Password] 
        # More advanced defaults below: 
        protocol: SSL 
        algorithm: SunX509 
        store_type: JKS 
        cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA] 
  3. If the Cassandra connection is successfully secured,  you will see the message below in the Cassandra server startup.
  4.  Add the following client side (Hector) system property configurations in <PRODUCT_HOME>/bin/wso2server.sh file and start WSO2 BAM server:

    -Dssl.protocol=TLS
    -Dssl.cipher.suites=TLS_RSA_WITH_AES_256_CBC_SHA
    -Dssl.store.type=JKS
    -Dssl.truststore=[Trust store path]
    -Dssl.truststore.password=[Trust store password]

If you're using a distributed clustered BAM setup with an external Hadoop cluster, then all the Hadoop nodes must have this 'trust store' of the above configurations within the same folder structure, which is mentioned in <PRODUCT_HOME>/bin/wso2server.sh file.

  • No labels