1. 首页
  2. 问答
  3. 设置安全的cassandra集群(java.lang.RuntimeException:无法设置安全管道)

设置安全的cassandra集群(java.lang.RuntimeException:无法设置安全管道)

2017-02-22 81 views
1

我已按照https://github.com/PatrickCallaghan/datastax-ssl-secure-cluster/blob/master/README.md上提及的步骤设置安全的SSL cassandra集群。我收到与“无法设置安全管道”相同的错误。我忽略了网站提到的我的cassandra.yaml密码套件,但我仍然得到相同的错误。设置安全的cassandra集群(java.lang.RuntimeException:无法设置安全管道)

我cassandra.yaml看起来是这样的:

client_encryption_options: 
    enabled: true 
    # If enabled and optional is set to true encrypted and unencrypted connections are handled. 
    optional: false 
    keystore: ***/ssl/cassandra3_keystore.jks 
    keystore_password: **** 
    # require_client_auth: false 
    # Set trustore and truststore_password if require_client_auth is true 
    # truststore: conf/.truststore 
    # truststore_password: cassandra 
    # More advanced defaults below: 
    # protocol: TLS 
    # algorithm: SunX509 
    # store_type: JKS 
    cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA]

有人能指导我什么,我能做什么呢? 以下是完整的错误跟踪:

Exception (java.lang.RuntimeException) encountered during startup: Failed to setup secure pipeline 
java.lang.RuntimeException: Failed to setup secure pipeline 
    at org.apache.cassandra.transport.Server$AbstractSecureIntializer.<init>(Server.java:354) 
    at org.apache.cassandra.transport.Server$SecureInitializer.<init>(Server.java:411) 
    at org.apache.cassandra.transport.Server.start(Server.java:152) 
    at org.apache.cassandra.service.NativeTransportService$$Lambda$203.0000000040E88830.accept(Unknown Source) 
    at java.util.Collections$SingletonSet.forEach(Collections.java:4778) 
    at org.apache.cassandra.service.NativeTransportService.start(NativeTransportService.java:128) 
    at org.apache.cassandra.service.CassandraDaemon.startNativeTransport(CassandraDaemon.java:633) 
    at org.apache.cassandra.service.CassandraDaemon.start(CassandraDaemon.java:495) 
    at org.apache.cassandra.service.CassandraDaemon.activate(CassandraDaemon.java:600) 
    at org.apache.cassandra.service.CassandraDaemon.main(CassandraDaemon.java:714) 
Caused by: java.io.IOException: Error creating the initializing the SSL Context 
    at org.apache.cassandra.security.SSLFactory.createSSLContext(SSLFactory.java:170) 
    at org.apache.cassandra.transport.Server$AbstractSecureIntializer.<init>(Server.java:350) 
    ... 9 more 
Caused by: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available 
    at sun.security.jca.GetInstance.getInstance(GetInstance.java:171) 
    at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:12) 
    at org.apache.cassandra.security.SSLFactory.createSSLContext(SSLFactory.java:146) 
    ... 10 more 
ERROR 15:36:01 Exception encountered during startup 
java.lang.RuntimeException: Failed to setup secure pipeline 
    at org.apache.cassandra.transport.Server$AbstractSecureIntializer.<init>(Server.java:354) ~[apache-cassandra-3.7.jar:3.7] 
    at org.apache.cassandra.transport.Server$SecureInitializer.<init>(Server.java:411) ~[apache-cassandra-3.7.jar:3.7] 
    at org.apache.cassandra.transport.Server.start(Server.java:152) ~[apache-cassandra-3.7.jar:3.7] 
    at org.apache.cassandra.service.NativeTransportService$$Lambda$203.0000000040E88830.accept(Unknown Source) ~[na:na] 
    at java.util.Collections$SingletonSet.forEach(Collections.java:4778) ~[na:1.8.0-internal] 
    at org.apache.cassandra.service.NativeTransportService.start(NativeTransportService.java:128) ~[apache-cassandra-3.7.jar:3.7] 
    at org.apache.cassandra.service.CassandraDaemon.startNativeTransport(CassandraDaemon.java:633) [apache-cassandra-3.7.jar:3.7] 
    at org.apache.cassandra.service.CassandraDaemon.start(CassandraDaemon.java:495) [apache-cassandra-3.7.jar:3.7] 
    at org.apache.cassandra.service.CassandraDaemon.activate(CassandraDaemon.java:600) [apache-cassandra-3.7.jar:3.7] 
    at org.apache.cassandra.service.CassandraDaemon.main(CassandraDaemon.java:714) [apache-cassandra-3.7.jar:3.7] 
Caused by: java.io.IOException: Error creating the initializing the SSL Context 
    at org.apache.cassandra.security.SSLFactory.createSSLContext(SSLFactory.java:170) ~[apache-cassandra-3.7.jar:3.7] 
    at org.apache.cassandra.transport.Server$AbstractSecureIntializer.<init>(Server.java:350) ~[apache-cassandra-3.7.jar:3.7] 
    ... 9 common frames omitted 
Caused by: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available 
    at sun.security.jca.GetInstance.getInstance(GetInstance.java:171) ~[na:1.8.0-internal] 
    at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:12) ~[na:8.0 build_20150122] 
    at org.apache.cassandra.security.SSLFactory.createSSLContext(SSLFactory.java:146) ~[apache-cassandra-3.7.jar:3.7] 
    ... 10 common frames omitted

来源

2017-02-22 user1692342

+0

什么是你的'的Java -version'? –

回答

0

您可以通过重写两个节点到节点和客户端节点属性例如密码套件避开它 cipher_suites:[TLS_RSA_WITH_AES_128_CBC_SHA]

这是因为Oracle Java中存在以下问题。 http://www.pathin.org/tutorials/java-cassandra-cannot-support-tls_rsa_with_aes_256_cbc_sha-with-currently-installed-providers/

下载后,您可以将文件复制到服务器上的正确库。

例如

SCP *根@服务器:/ usr/lib中/ JVM/Java的7-ORACLE/JRE/lib/security中/

来源

2017-05-08 03:04:21 user2364791

相关问题

 相关问题