Bringing together the Apache Cassandra experts from the community and DataStax.

Want to learn? Have a question? Want to share your expertise? You are in the right place!

Not sure where to begin? Getting Started

 

question

Manish.saraswat.co.mk_193629 avatar image
Manish.saraswat.co.mk_193629 asked Erick Ramirez answered

How do I encrypt the keystore password user by the Java driver?

Hi Everyone.

With the ref of: https://docs.datastax.com/en/developer/java-driver/4.5/manual/core/ssl/

I have added the following configuration in Datasatax driver configuration (Datastax driver read this configuration file and help our client application to communicate with Cassandra database)

datastax-java-driver {
  advanced.ssl-engine-factory {
    class = DefaultSslEngineFactory
    // cipher-suites = [ "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA" 
    // hostname-validation = true

    // truststore-path = /path/to/client.truststore
    // truststore-password = password123
    // keystore-path = /path/to/client.keystore
    // keystore-password = password123
  }
}

Now the question is How can I provide encrypted passwords instead of plain text?

Is there any way to encrypt SSL keystore password in datastax-driver configuration file? (keeping passoword as plain text not seems good)

For keeping the solution as much simple I don't want to implement custom SslEngineFactory (Does DataStax driver support this out of the box ?)

Every little help would be appreciated. Thanks :)


java driver
10 |1000 characters needed characters left characters exceeded

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

1 Answer

Erick Ramirez avatar image
Erick Ramirez answered

The Java driver does not yet support encrypted keystore and truststore passwords. It is on the roadmap and the feature request is planned as JAVA-2648.

We cannot give any estimates at this point on when it will be implemented. Cheers!

Share
10 |1000 characters needed characters left characters exceeded

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.