Bringing together the Apache Cassandra experts from the community and DataStax.

Want to learn? Have a question? Want to share your expertise? You are in the right place!

Not sure where to begin? Getting Started

 

question

Manish.saraswat.co.mk_193629 avatar image
Manish.saraswat.co.mk_193629 asked ·

How do I encrypt the keystore password user by the Java driver?

Hi Everyone.

With the ref of: https://docs.datastax.com/en/developer/java-driver/4.5/manual/core/ssl/

I have added the following configuration in Datasatax driver configuration (Datastax driver read this configuration file and help our client application to communicate with Cassandra database)

datastax-java-driver {
  advanced.ssl-engine-factory {
    class = DefaultSslEngineFactory
    // cipher-suites = [ "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA" 
    // hostname-validation = true

    // truststore-path = /path/to/client.truststore
    // truststore-password = password123
    // keystore-path = /path/to/client.keystore
    // keystore-password = password123
  }
}

Now the question is How can I provide encrypted passwords instead of plain text?

Is there any way to encrypt SSL keystore password in datastax-driver configuration file? (keeping passoword as plain text not seems good)

For keeping the solution as much simple I don't want to implement custom SslEngineFactory (Does DataStax driver support this out of the box ?)

Every little help would be appreciated. Thanks :)


java driver
10 |1000 characters needed characters left characters exceeded

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

1 Answer

Erick Ramirez avatar image
Erick Ramirez answered ·

The Java driver does not yet support encrypted keystore and truststore passwords. It is on the roadmap and the feature request is planned as JAVA-2648.

We cannot give any estimates at this point on when it will be implemented. Cheers!

Share
10 |1000 characters needed characters left characters exceeded

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.