SSL encryption

Topics for using SSL in Cassandra.

The Secure Sockets Layer (SSL) is a cryptographic protocol used to secure communications between computers. For reference, see SSL in Wikipedia.

Briefly, it works as follows. A client and a server are two entities, either software or hardware, that communicate with one another. These entities must exchange information to establish trust between them. Each entity that provides such information must have a generated key pair, consisting of a private key that only the entity stores and a public key that can be exchanged with other entities. When the client wants to connect to the server, the client requests a secure connection and the server sends a certificate that includes its public key. The client checks the validity of the certificate by exchanging information with the server, which the server validates with its private key. If two-way validation is desired, this process must be carried out in both directions. Private keys are stored in the keystore and public keys are stored in the truststore.

For Cassandra, the entities can be nodes or one of the tools such as cqlsh or nodetool running on either a local node or a remote node.
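
As an added illustration (not part of the original page), the fragment below shows how the keystore, truststore and two-way validation described above map onto the two encryption sections of cassandra.yaml. The option names are those of cassandra.yaml, which this page does not itself list; all paths and passwords are placeholders.

```yaml
# Node-to-node traffic: every node acts as both client and server,
# so each node needs its own keystore and a truststore for its peers.
server_encryption_options:
    internode_encryption: all          # none | all | dc | rack
    keystore: /path/to/node.keystore   # placeholder: this node's private key and certificate
    keystore_password: <keystore-password>      # placeholder
    truststore: /path/to/node.truststore        # placeholder: public certificates of trusted peers
    truststore_password: <truststore-password>  # placeholder
    require_client_auth: true          # two-way validation between nodes

# Client-to-node traffic (for example cqlsh or a driver connecting to a node).
client_encryption_options:
    enabled: true
    optional: false                    # false: unencrypted client connections are refused
    keystore: /path/to/node.keystore   # placeholder: certificate the node presents to clients
    keystore_password: <keystore-password>      # placeholder

    # One-way validation: only the client checks the node's certificate.
    # require_client_auth: false

    # Two-way validation: the node also checks the client's certificate,
    # so the node needs a truststore holding the clients' public certificates.
    require_client_auth: true
    truststore: /path/to/node.truststore        # placeholder
    truststore_password: <truststore-password>  # placeholder
```

With `require_client_auth: true`, a tool that connects to the node must present its own certificate and hold the node's public certificate in its own truststore, which is the "both directions" case described above.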