question

DataStax CPP driver version: 2.15.2

Cassandra version: Apache Cassandra 3.11.6

Environment: Debian GNU/Linux 10 (buster)

I am trying to use the datastax cpp driver to connect to a Cassandra instance that has been configured to use SSL. However, when trying with this sample code:

int main(void)
{
        cass_log_set_level(CASS_LOG_TRACE);

        CassCluster *cluster = cass_cluster_new();
        CassSsl *ssl = cass_ssl_new();
        cass_ssl_add_trusted_cert(ssl, server_ca_cert);
        cass_ssl_set_verify_flags(ssl, CASS_SSL_VERIFY_PEER_CERT);
        cass_cluster_set_ssl(cluster, ssl);
        cass_ssl_free(ssl);

        cass_cluster_set_contact_points(cluster, "127.0.0.1");
        cass_cluster_set_protocol_version(cluster, CASS_PROTOCOL_VERSION_V4);

        CassSession *session = cass_session_new();
        cass_session_connect_keyspace(session, cluster, "test");

        cass_session_free(session);
        cass_cluster_free(cluster);
}

I get following Trace output:

1598257812.684 [INFO] (session_base.cpp:86:datastax::internal::core::Future::Ptr datastax::internal::core::SessionBase::connect(const datastax::internal::core::Config&, const String&)): Client id is bbfda964-ddca-4e3c-84fb-cd84d1bbffb1
1598257812.684 [INFO] (session_base.cpp:87:datastax::internal::core::Future::Ptr datastax::internal::core::SessionBase::connect(const datastax::internal::core::Config&, const String&)): Session id is b9e80f52-9a90-4667-8272-77a3211488a3
1598257812.685 [DEBUG] (socket_connector.cpp:226:void datastax::internal::core::SocketConnector::on_connect(datastax::internal::core::TcpConnector*)): Connected to host 127.0.0.1 on socket(0x7f4ea00010c0)
1598257812.699 [TRACE] (connection.cpp:172:int32_t datastax::internal::core::Connection::write(const Ptr&)): Sending message type CQL_OPCODE_STARTUP with stream 0 on host 127.0.0.1
1598257812.699 [TRACE] (socket.cpp:148:void SslSocketWrite::encrypt()): Copying 2 bufs
1598257812.699 [TRACE] (socket.cpp:186:void SslSocketWrite::encrypt()): Copied 157 bytes for encryption
1598257812.699 [TRACE] (socket.cpp:129:virtual size_t SslSocketWrite::flush()): Sending 179 encrypted bytes
1598257812.701 [TRACE] (connection.cpp:277:void datastax::internal::core::Connection::on_read(const char*, size_t)): Consumed message type CQL_OPCODE_READY with stream 0, input 9, remaining 9 on host 127.0.0.1
1598257812.701 [TRACE] (connection.cpp:172:int32_t datastax::internal::core::Connection::write(const Ptr&)): Sending message type CQL_OPCODE_REGISTER with stream 64 on host 127.0.0.1
1598257812.701 [TRACE] (socket.cpp:148:void SslSocketWrite::encrypt()): Copying 2 bufs
1598257812.701 [TRACE] (socket.cpp:186:void SslSocketWrite::encrypt()): Copied 58 bytes for encryption
1598257812.701 [TRACE] (socket.cpp:129:virtual size_t SslSocketWrite::flush()): Sending 80 encrypted bytes
1598257812.702 [TRACE] (connection.cpp:277:void datastax::internal::core::Connection::on_read(const char*, size_t)): Consumed message type CQL_OPCODE_READY with stream 64, input 9, remaining 9 on host 127.0.0.1
1598257812.702 [TRACE] (connection.cpp:172:int32_t datastax::internal::core::Connection::write(const Ptr&)): Sending message type CQL_OPCODE_QUERY with stream 192 on host 127.0.0.1
1598257812.702 [TRACE] (socket.cpp:148:void SslSocketWrite::encrypt()): Copying 3 bufs
1598257812.702 [TRACE] (socket.cpp:186:void SslSocketWrite::encrypt()): Copied 60 bytes for encryption
1598257812.702 [TRACE] (socket.cpp:129:virtual size_t SslSocketWrite::flush()): Sending 82 encrypted bytes
1598257812.702 [TRACE] (connection.cpp:172:int32_t datastax::internal::core::Connection::write(const Ptr&)): Sending message type CQL_OPCODE_QUERY with stream 128 on host 127.0.0.1
1598257812.703 [ERROR] (socket.cpp:216:virtual void datastax::internal::core::SslSocketHandler::on_read(datastax::internal::core::Socket*, ssize_t, const uv_buf_t*)): Unable to decrypt data: 
1598257812.703 [DEBUG] (socket.cpp:373:void datastax::internal::core::Socket::handle_close()): Socket(0x7f4ea0001c30) to host 127.0.0.1 closed
1598257812.703 [ERROR] (cluster_connector.cpp:234:void datastax::internal::core::ClusterConnector::on_connect(datastax::internal::core::ControlConnector*)): Unable to establish a control connection to host 127.0.0.1 because of the following error: Error running host queries on control connection: Request timed out

and on cassandra logs I can see

io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record: 0400008007000000210000001a53454c454354202a2046524f4d2073797374656d2e7065657273000a00

which indicates that SSL is not being attempted. Any suggestion as to what I am doing wrong here?

Additional information at https://gist.github.com/cmouse/264034469d4327fe1cbe08f2a6a920ed