Setting up SSL for jconsole (JMX)
Using jconsole with SSL encryption.
Using jconsole
with SSL requires the same JMX changes to
cassandra-env.sh as described in using nodetool (JMX) with SSL encryption.
There is no need to create nodetool-ssl.properties
, but the same
JVM keystore and truststore options must be specified with jconsole
on the command line.
cassandra-env.sh
The location of the cassandra-env.sh file depends on the type of installation:
Package installations |
/etc/dse/cassandra/cassandra-env.sh |
Tarball installations |
installation_location/resources/cassandra/conf/cassandra-env.sh |
Prerequisites
Procedure
-
Copy the keystore and truststore files created in the prerequisite to the node
where jconsole will be run. In this example, the files are
server-keystore.jks
andserver-truststore.jks
. -
Run
jconsole
using the JVM options:jconsole -J-Djavax.net.ssl.keyStore=server-keystore.jks -J-Djavax.net.ssl.keyStorePassword=myKeyPass -J-Djavax.net.ssl.trustStore=server-truststore.jks -J-Djavax.net.ssl.trustStorePassword=truststorePass
If no errors occur,
jconsole
will start. If connecting to a remote node, enter the hostname and JMX port, in Remote Process. If using authentication, enter the username and password.