Downloading the generated CA cert

Download the CA certificate automatically generated by Lifecycle Manager after enabling client-to-node encryption. Configure your CQL clients to use the certificate.

Download the CA certificate automatically generated by Lifecycle Manager after enabling client-to-node encryption. Lifecycle Manager automates the process of preparing server certificates using an internal certificate authority. Configure your CQL clients to trust certificates signed by the certificate authority.

Prerequisites

Enable client-to-node encryption in the configuration profile associated with the cluster.

Procedure

  1. In the Clusters workspace of Lifecycle Manager, select the cluster in the Clusters pane.
    The Cluster Details for the cluster appears.

  2. In the Cluster Details pane, click the Download Cert link for CA Certificate.
    The browser downloads the certificate file.
  3. Use the CA Certificate to configure CQL clients to communicate over SSL/TLS. The process for configuring each CQL client is unique. Refer to the steps for configuring SSL/TLS for cqlsh as an example.
    Clients are able to connect to the DataStax Enterprise cluster via CQL over SSL/TLS.