Connecting sstableloader to a secured cluster

Steps (for a development environment) to configure the sstableloader (bulk loader) with Kerberos or SSL.

The sstableloader tool is also called bulkloader. If you run sstableloader from a DataStax Enterprise node that has been configured for Kerberos or client-to-node/node-to-node encryption using SSL, no additional configuration is required for securing sstableloader operations. sstableloader automatically detects the configuration. On an unconfigured development machine, however, configure Kerberos or SSL as follows:

To use SSL to connect to an unsecured DataStax Enterprise node from a development system use the sstableloader script to load SSTables into a cluster with client-to-node/node-to-node SSL encryption enabled. Use the following basic options:

resources/cassandra/bin/sstableloader -d 192.168.56.102 /var/lib/cassandra/data/Keyspace1/Standard1 \
  -tf org.apache.cassandra.thrift.SSLTransportFactory \
  -ts /path/to/truststore \
  -tspw truststore_password

If you want to configure require_client_auth=true on the target, set these additional options:

resources/cassandra/bin/sstableloader -d 192.168.56.102 /var/lib/cassandra/data/Keyspace1/Standard1 \
  -tf org.apache.cassandra.thrift.SSLTransportFactory \
  -ts /path/to/truststore \
  -tspw truststore_password \
  -ks /path/to/keystore \
  -kspw keystore_password