Setting up SSL for jconsole (JMX)

Using jconsole with SSL encryption.

Using jconsole with SSL requires the same JMX changes to as nodetool. See Setting up SSL for nodetool, dsetool, and dse advrep. There is no need to create, but the same JVM keystore and truststore options must be specified with jconsole on the command line.

The location of the file depends on the type of installation:
Package installations /etc/dse/cassandra/
Tarball installations installation_location/resources/cassandra/conf/


Prepare SSL certificates with a self-signed CA for production, or prepare SSL certificates for development. Additionally, configure client-to-node encryption.


  1. Copy the keystore and truststore files created in the prerequisite to the node where jconsole will be run. In this example, the files are server-keystore.jks and server-truststore.jks.
  2. Run jconsole using the JVM options:

    If no errors occur, jconsole will start. If connecting to a remote node, enter the hostname and JMX port, in Remote Process. If using authentication, enter the username and password.