Setting up SSL for JConsole (JMX)

Using JConsole with SSL requires the same JMX changes to cassandra-env.sh as nodetool.

The location of the cassandra-env.sh file depends on the type of installation:

  • Package installations: /etc/dse/cassandra/cassandra-env.sh

  • Tarball installations: <installation_location>/resources/cassandra/conf/cassandra-env.sh

See Configuring SSL for nodetool, nodesync, dsetool, and Advanced Replication. You do not need to create a nodetool-ssl.properties file, but the same JVM keystore and truststore options must be specified with jconsole on the command line.

Prerequisites

  1. Create SSL certificates with a self-signed CA for production environments, or create SSL certificates for development environments.

  2. Configure client-to-node encryption

Procedure

  1. Copy the keystore and truststore files to the node where JConsole is to be run. In this example, the files are server-keystore.jks and server-truststore.jks.

  2. Run jconsole using the JVM options:

    jconsole -J-Djavax.net.ssl.keyStore=<server-keystore.jks>
-J-Djavax.net.ssl.keyStorePassword=<keystore-password>
-J-Djavax.net.ssl.trustStore=<server-truststore.jks>
-J-Djavax.net.ssl.trustStorePassword=<truststore-password>

    If no errors occur, JConsole starts. If connecting to a remote node, select Remote Process and enter the hostname and JMX port. If using authentication, enter the username and password. See Using JConsole for more information.

Was this helpful?

Give Feedback

How can we improve the documentation?

© 2024 DataStax | Privacy policy | Terms of use

Apache, Apache Cassandra, Cassandra, Apache Tomcat, Tomcat, Apache Lucene, Apache Solr, Apache Hadoop, Hadoop, Apache Pulsar, Pulsar, Apache Spark, Spark, Apache TinkerPop, TinkerPop, Apache Kafka and Kafka are either registered trademarks or trademarks of the Apache Software Foundation or its subsidiaries in Canada, the United States and/or other countries. Kubernetes is the registered trademark of the Linux Foundation.

General Inquiries: +1 (650) 389-6000, info@datastax.com