Cassandra
“無法綁定到埠”啟用 Cassandra 客戶端加密
我在 Debian 7 上執行帶有三節點集群的 Cassandra 1.2。集群執行良好。但我想為客戶端啟用加密,如此處所述:ttp://www.datastax.com/documentation/cassandra/1.2/webhelp/cassandra/security/secureSSLClientToNode_t.html
但是當我在進行必要的配置更改後重新啟動 Cassandra 時,我在日誌中收到此錯誤,並且 Cassandra 崩潰:
INFO 20:12:16,734 enabling encrypted thrift connections between client and server java.lang.reflect.InvocationTargetException at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.apache.commons.daemon.support.DaemonLoader.start(DaemonLoader.java:243) Caused by: java.lang.RuntimeException: Unable to create thrift socket to /192.168.0.1:9160 at org.apache.cassandra.thrift.CustomTThreadPoolServer$Factory.buildTServer(CustomTThreadPoolServer.java:267) at org.apache.cassandra.thrift.TServerCustomFactory.buildTServer(TServerCustomFactory.java:46) at org.apache.cassandra.thrift.ThriftServer$ThriftServerThread.<init>(ThriftServer.java:105) at org.apache.cassandra.thrift.ThriftServer.start(ThriftServer.java:52) at org.apache.cassandra.service.CassandraDaemon.start(CassandraDaemon.java:400) ... 5 more Caused by: org.apache.thrift.transport.TTransportException: Could not bind to port 9160 at org.apache.thrift.transport.TSSLTransportFactory.createServer(TSSLTransportFactory.java:117) at org.apache.thrift.transport.TSSLTransportFactory.getServerSocket(TSSLTransportFactory.java:103) at org.apache.cassandra.thrift.CustomTThreadPoolServer$Factory.buildTServer(CustomTThreadPoolServer.java:257) ... 9 more Caused by: java.lang.IllegalArgumentException: Cannot support TLS_RSA_WITH_AES_256_CBC_SHA with currently installed providers at sun.security.ssl.CipherSuiteList.<init>(Unknown Source) at sun.security.ssl.SSLServerSocketImpl.setEnabledCipherSuites(Unknown Source) at org.apache.thrift.transport.TSSLTransportFactory.createServer(TSSLTransportFactory.java:113) ... 11 more Cannot start daemon Service exit with a return value of 5
我錯過了什麼?
您需要添加 java 加密擴展。在此處查看有關此問題的部落格文章: