Setting up SSL for JConsole (JMX)

Use JConsole with SSL encryption.

Using JConsole with SSL requires the same JMX changes to as nodetool. See Configuring SSL for nodetool, nodesync, dsetool, and Advanced Replication. You do not need to create a file, but the same JVM keystore and truststore options must be specified with jconsole on the command line.

The location of the file depends on the type of installation:
Package installations /etc/dse/cassandra/
Tarball installations installation_location/resources/cassandra/conf/


  1. Create SSL certificates with a self-signed CA for production environments, or create SSL certificates for development environments.
  2. Configure client-to-node encryption


  1. Copy the keystore and truststore files to the node where JConsole will be run. In this example, the files are server-keystore.jks and server-truststore.jks.
  2. Run jconsole using the JVM options:

    If no errors occur, JConsole starts. If connecting to a remote node, select Remote Process and enter the hostname and JMX port. If using authentication, enter the username and password. See Using JConsole for more information.