nodetool createsystemkey
Synopsis
nodetool createsystemkey ALGORITHM KEY_STRENGTH [FILENAME]
Replace the following:
-
ALGORITHM: The cipher algorithm to use for encryption.
-
KEY_STRENGTH: The key strength in bits. For example, 128, 192, 256.
-
FILENAME: The filename for the generated system key file.
Syntax conventions | Description |
---|---|
UPPERCASE |
Literal keyword. |
Lowercase |
Not literal. |
|
Variable value. Replace with a valid option or user-defined value. |
|
Optional.
Square brackets ( |
|
Group.
Parentheses ( |
|
Or.
A vertical bar ( |
|
Repeatable.
An ellipsis ( |
|
Single quotation ( |
|
Map collection.
Braces ( |
|
Set, list, map, or tuple.
Angle brackets ( |
|
End CQL statement.
A semicolon ( |
|
Separate the command line options from the command arguments with two hyphens ( |
|
Search CQL only: Single quotation marks ( |
|
Search CQL only: Identify the entity and literal value to overwrite the XML element in the schema and solrconfig files. |
- cipher_algorithm[/mode/padding]
-
Hyper-Converged Database (HCD) supports the following JCE cipher algorithms:
-
AES/CBC/PKCS5Padding (valid with length 128, 192, or 256)
-
AES/ECB/PKCS5Padding (valid with length 128, 192, or 256)
-
DES/CBC/PKCS5Padding (valid with length 56)
-
DESede/CBC/PKCS5Padding (valid with length 112 or 168)
-
Blowfish/CBC/PKCS5Padding (valid with length 32-448)
-
RC2/CBC/PKCS5Padding (valid with length 40-128) Default value: AES/CBC/PKCS5Padding (with length 128)
-
- -d directory, --directory directory
-
Key file output directory. Enables creating key files before HCD is installed. This option is typically used by IT automation tools like Ansible. When no directory is specified, keys are saved to the default system key directory.
- length
-
Required if cipher_algorithm is specified. Key length is not required for HMAC algorithms. Default value: 128 (with the default cipher algorithm AES/CBC/PKCS5Padding)
- filename
-
Optional. The filename for the generated system key file. When no filename is specified, the default file name is
system_key
.
Examples
To create a local key file:
nodetool createsystemkey 'AES/ECB/PKCS5Padding' 128
This creates a system key with the default filename system_key
.
To create a key file with a specific name:
nodetool createsystemkey 'AES/ECB/PKCS5Padding' 128 my_key
This creates a system key with the specified filename.
To create a key file in a specific directory:
nodetool createsystemkey 'AES/ECB/PKCS5Padding' 128 my_key -d /mydir
This creates a system key with the specified filename in the specified directory.