Set up SSL for JConsole (JMX)

Using JConsole with SSL requires the same JMX changes to cassandra-env.sh as nodetool.

The location of the cassandra-env.sh file depends on your installation type.

  • Package installations

  • Tarball installations

/etc/hcd/cassandra/cassandra-env.sh
INSTALLATION_LOCATION/resources/cassandra/conf/cassandra-env.sh

Replace INSTALLATION_LOCATION with the path where you extracted the HCD tarball.

See Configure SSL for nodetool and Advanced Replication.

You do not need to create a nodetool-ssl.properties file, but the same JVM keystore and truststore options must be specified with jconsole on the command line.

Prerequisites

  1. Create SSL certificates with a self-signed CA for production environments, or create SSL certificates for development environments.

  2. Configure client-to-node encryption

Use JConsole with SSL

  1. Copy the keystore and truststore files to the node where JConsole is to be run. In this example, the files are server-keystore.jks and server-truststore.jks.

  2. Run jconsole using the JVM options:

    jconsole -J-Djavax.net.ssl.keyStore=<server-keystore.jks>
-J-Djavax.net.ssl.keyStorePassword=<keystore-password>
-J-Djavax.net.ssl.trustStore=<server-truststore.jks>
-J-Djavax.net.ssl.trustStorePassword=<truststore-password>

    If no errors occur, JConsole starts. If connecting to a remote node, select Remote Process and enter the hostname and JMX port. If using authentication, enter the username and password. See Using JConsole for more information.

Was this helpful?

Give Feedback

How can we improve the documentation?

© Copyright IBM Corporation 2025 | Privacy policy | Terms of use Manage Privacy Choices

Apache, Apache Cassandra, Cassandra, Apache Tomcat, Tomcat, Apache Lucene, Apache Solr, Apache Hadoop, Hadoop, Apache Pulsar, Pulsar, Apache Spark, Spark, Apache TinkerPop, TinkerPop, Apache Kafka and Kafka are either registered trademarks or trademarks of the Apache Software Foundation or its subsidiaries in Canada, the United States and/or other countries. Kubernetes is the registered trademark of the Linux Foundation.

General Inquiries: Contact IBM