Database Reference
In-Depth Information
// path to keystore
keystore: /home/impadmin/keys/server.jks
// keystore password
keystore_password: server
The following shows the configuration changes required in
cas-
sandra.yaml
to configure keystore and truststore paths:
# enable or disable client/server encryption.
client_encryption_options:
enabled: false
keystore: /home/impadmin/keys/server.jks
keystore_password: server
# require_client_auth: false
# Set trustore and truststore_password if
require_client_auth is true
truststore: /home/impadmin/keys/
.truststore
truststore_password: client
# More advanced defaults below:
protocol: TLS
algorithm: SunX509
store_type: JKS
cipher_suites:
[TLS ECDHE RSA WITH AES 256
CBC SHA, TLS DHE RSA WITH AES 128 CBC SHA,
TLS ECDH ECDSA WITH AES 128 CBC SHA, TLS DHE
RSA WITH AES 256 CBC SHA,
SSL DHE RSA WITH 3DES EDE CBC SHA, TLS ECDH
RSA WITH AES 256 CBC SHA, SSL RSA WITH RC4
128 SHA, TLS ECDH ECDSA WITH 3DES EDE CBC
SHA, TLS ECDHE RSA WITH RC4 128 SHA,
TLS ECDH ECDSA WITH RC4 128 SHA, TLS ECDHE
ECDSA WITH RC4 128 SHA, TLS ECDHE RSA WITH
AES 128 CBC SHA, TLS ECDHE ECDSA WITH 3DES
EDE CBC SHA,
TLS ECDH RSA WITH RC4 128 SHA, TLS EMPTY
