Connecting sstableloader to a secured cluster

The sstableloader tool is also called bulk loader. If you run sstableloader from a DataStax Enterprise node that has been configured for Kerberos or client-to-node/node-to-node encryption using SSL, no additional configuration is needed for securing sstableloader operations. sstableloader automatically detects the configuration. On an unconfigured development machine, however, configure Kerberos or SSL as follows:

To use SSL to connect to an unsecured DataStax Enterprise node from a development system use the sstableloader script to load SSTables into a cluster with client-to-node/node-to-node SSL encryption enabled. Use the following basic options:

resources/cassandra/bin/sstableloader -d /var/lib/cassandra/data/Keyspace1/Standard1 \
  -tf org.apache.cassandra.thrift.SSLTransportFactory \
  -ts /path/to/truststore \
  -tspw truststore_password

If you want to configure require_client_auth=true on the target, set these additional options:

resources/cassandra/bin/sstableloader -d /var/lib/cassandra/data/Keyspace1/Standard1 \
  -tf org.apache.cassandra.thrift.SSLTransportFactory \
  -ts /path/to/truststore \
  -tspw truststore_password \
  -ks /path/to/keystore \
  -kspw keystore_password

Was this helpful?

Give Feedback

How can we improve the documentation?

© 2024 DataStax | Privacy policy | Terms of use

Apache, Apache Cassandra, Cassandra, Apache Tomcat, Tomcat, Apache Lucene, Apache Solr, Apache Hadoop, Hadoop, Apache Pulsar, Pulsar, Apache Spark, Spark, Apache TinkerPop, TinkerPop, Apache Kafka and Kafka are either registered trademarks or trademarks of the Apache Software Foundation or its subsidiaries in Canada, the United States and/or other countries. Kubernetes is the registered trademark of the Linux Foundation.

General Inquiries: +1 (650) 389-6000,