Connection options

When you run dsetool commands, you can specify connection options to authenticate and connect to the target node. Provide the connection options before the command, subcommand, and options:

dsetool CONNECTION_OPTIONS [command] [subcommand] [options]

Some commands use JMX authentication, and others authenticate with the username and password of the configured user. You can provide authentication credentials in several ways. See Provide credentials from DSE tools.

To use Kerberos authentication, see Use dsetool with Kerberos-enabled Cluster.

Use the following options to connect and authenticate dsetool commands. If an option has a short and long form, both forms are provided for reference; only use one form in your commands.

--jmxusername

Username for authenticating with secure local JMX.

--jmxpassword

Password for authenticating with secure local JMX. If JMX authentication is required and you don’t provide a password, you are prompted to enter one.

-c, --cassandra_port dse_port

DSE port number.

--cipher-suites

Provide a comma-separated list of SSL cipher suites for connection to DSE when SSL is enabled. For example, --cipher-suites c1,c2,c3.

-f, --config-file config_filename

File path to configuration file that stores credentials.

The credentials in this configuration file override the credentials in ~/.dserc. If a credential isn’t specified in the given configuration file, then DSE uses the value set in ~/.dserc, if it exists.

The configuration file can contain DSE and JMX login credentials. For example:

username=<username>
password=<password>
jmx_username=<jmx_username>
jmx_password=<jmx_password>

The credentials in the configuration file are stored in plain text. DataStax recommends restricting access to this file only to the specific user.
--host

Provide the DSE node hostname or IP address. Omit if connecting to the local node.

You can also use the short form -h.

-j, --jmxport

Provide the remote JMX agent port number.

--keystore-path

Provide the path to the keystore for connection to DSE when SSL client authentication is enabled.

--keystore-password

Provide the keystore password for connection to DSE when SSL client authentication is enabled.

--keystore-type

Specify the keystore type for connection to DSE when SSL client authentication is enabled. JKS is the type for keys generated by the Java keytool binary, but other types are possible depending on user environment.

-l, --username

Specify the role name to authenticate for database access.

-p, --password

Provide the password to authenticate for database access.

-s, --port solr_port

Solr port.

--ssl

Boolean indicating whether to use SSL for native connections.

--ssl-protocol

SSL protocol for connection to DSE when SSL is enabled. For example: --ssl-protocol ssl4

--sslauth

Boolean indicating whether to use SSL client authentication.

--truststore_password

Truststore password to use for connection to DSE when SSL is enabled.

--truststore_path

Path to the truststore to use for connection to DSE when SSL is enabled. For example, --truststore-path /path/to/ts.

--truststore-type

Truststore type for connection to DSE when SSL is enabled. JKS is the type for keys generated by the Java keytool binary, but other types are possible, depending on user environment. For example, --truststore-type jks2.

Was this helpful?

Give Feedback

How can we improve the documentation?

© Copyright IBM Corporation 2025 | Privacy policy | Terms of use Manage Privacy Choices

Apache, Apache Cassandra, Cassandra, Apache Tomcat, Tomcat, Apache Lucene, Apache Solr, Apache Hadoop, Hadoop, Apache Pulsar, Pulsar, Apache Spark, Spark, Apache TinkerPop, TinkerPop, Apache Kafka and Kafka are either registered trademarks or trademarks of the Apache Software Foundation or its subsidiaries in Canada, the United States and/or other countries. Kubernetes is the registered trademark of the Linux Foundation.

General Inquiries: Contact IBM