Manage the secure connect bundle
The secure connect bundle (SCB) is a zip file with connection credentials required for mutual TLS and your secure Astra connection. It provides maximum security and allows your application to benefit from driver features such as health check, load balancing, and failover. The driver needs to keep up to date with the status of each node (availability, token range) to route the request to the proper nodes.
Secure connect bundle contents
| File | Contents |
|---|---|
|
DataStax’s Certificate Authority public certificate. |
|
A certificate, unique to the specific secure connect bundle. |
|
A private key, unique to the specific secure connect bundle. |
|
A PFX formatted archive containing the certificate and the private key. |
|
A configuration file with information on how to securely connect to the Astra DB instance associated with the secure connect bundle. |
|
A CQLSH profile containing CQL shell session settings. |
|
A Java keystore file containing the aforementioned cert & key files. |
|
A Java keystore file containing the aforementioned ca.crt. |
Download the secure connect bundle
To get the necessary security credentials and certificates for connecting drivers to your Astra DB vector database, download the SCB.
|
For security purposes, the SCB download link expires after five minutes. Once the download link expires, you must generate a new download link. Once downloaded, the SCB never expires. |
-
Astra Portal
-
DevOps API
You can download a secure connect bundle in the Astra Portal.
-
Serverless (Vector) databases
-
Serverless (Non-Vector) databases
To download a secure connect bundle for a Serverless (Vector) database, do the following:
-
In the Astra Portal navigation menu, click your database.
-
On the Overview page, under Database Details, locate the Region section.
-
Click More, and then select Download secure connect bundle.
Multi-region databases have a different secure connect bundle for each region.
-
Download the secure connect bundle.
To download a secure connect bundle for a Serverless (Non-Vector) database, do the following:
-
In the Astra Portal navigation menu, click your database.
-
On the Overview page, select Connect.
-
In the Database Essentials section, click Get Bundle.
-
In Secure Connect Bundle Download, select the region for which to download the bundle.
Multi-region databases have a different secure connect bundle for each region.
-
Click Download Secure Bundle.
You can use the DevOps API to get a temporary URL to download the SCB for a specific database.
-
Send a
POSTrequest to the Obtain zip for connecting to the database endpoint:curl --location --request POST 'https://api.astra.datastax.com/v2/databases/*DATABASE_ID*/secureBundleURL' \ --header 'Accept: application/json' \ --header 'Authorization: Bearer *APPLICATION_TOKEN*' \ --data-raw '[ "all": true ]'For multi-region databases or databases with multiple custom domains, set
alltotrueto get SCB download links for all regions and domains. -
Use the download link in the response to download the SCB zip file.
The secure connect bundle is a zip file named secure-connect-DATABASE_NAME.zip.
Share the secure connect bundle
You can share the SCB credentials and connection details with other team members who need to work in your database.
|
Be careful when sharing connection details. These credentials grant users access to your Astra DB database with ownership capabilities, such as modifying or deleting the database. For security purposes, practice responsible and secure credential management, and clean up any downloaded SCBs when they are no longer needed. |
