I have setup a single DSE v5.1.15 node SSL enabled cluster and tried to cqlsh from the same node. I have enabled client to node encryption.
Below are the configurations and error that I am getting.
Commands used for generating SSL certs:
### custerkey setup
keytool -genkey -validity 2693 -alias cassandra02_CLUSTER -keyalg RSA -keystore cassandra02.jks keytool -export -alias cassandra02_CLUSTER -file cassandra02_CLUSTER_PUBLIC.cer -keystore cassandra02.jk keytool -importcert -v -trustcacerts -alias cassandra02_CLUSTER -file cassandra02_CLUSTER_PUBLIC.cer -keystore CassandraTruststore.ts
===================================
### Client key setup.
keytool -genkey -validity 2693 -alias cassandra02_CLIENT -keyalg RSA -keystore cassandra02.jk keytool -export -alias cassandra02_CLIENT -file cassandra02_CLIENT_PUBLIC.cer -keystore cassandra02.jks keytool -importcert -v -trustcacerts -alias cassandra02_CLIENT -file cassandra02_CLIENT_PUBLIC.cer -keystore CassandraTruststore.ts
## exporting .pem files
keytool -importkeystore -srckeystore cassandra02.jks -srcstoretype JKS -destkeystore cassandra02.p12 -deststoretype PKCS12 openssl pkcs12 -in cassandra02.p12 -nokeys -out cassandra02_CLIENT.cer.pem openssl pkcs12 -in cassandra02.p12 -nodes -nocerts -out cassandra02_CLIENT.key.pem
##cqlshrc file
[connection] hostname = 172.31.39.156 port = 9042 factory = cqlshlib.ssl.ssl_transport_factory [ssl] certfile = /home/cassandra/certs/cassandra02_CLIENT.cer.pem validate = false
cassandr.yaml configurations
Error:
