Skip to content

Instantly share code, notes, and snippets.

View jasonmk's full-sized avatar

Jason M. Kusar jasonmk

9 followers · 0 following
View GitHub Profile
@jasonmk
jasonmk / gist:be5257c2b846c2b74c6c
Last active August 29, 2015 14:06
CQL-RB with 2-way SSL

Assumptions:

  • You have a internal CA as part of your organization that can be used to generate both client and server certificates
  • You have generated private keys and certificates signed by your CA for both the client and the server
  • You are using at least Cassandra 1.2.3

Certificates:

Getting the certificates in all the right places is probably the trickiest part. Basically, it goes like this:

@jasonmk
jasonmk / segfault_backtrace.txt
Created June 1, 2014 13:50
SegFault backtrace
[39] pry(main)> ssl_context.key = OpenSSL::PKey::RSA.new(key)
=> #<OpenSSL::PKey::RSA:0x00000105898f90>
[40] pry(main)> ssl_context.cert = OpenSSL::X509::Certificate.new(cert)
=> #<OpenSSL::X509::Certificate: subject=#<OpenSSL::X509::Name:0x00000104046c08>, issuer=#<OpenSSL::X509::Name:0x00000104046be0>, serial=#<OpenSSL::BN:0x00000104046bb8>, not_before=2010-12-07 17:39:41 UTC, not_after=2020-12-07 17:39:41 UTC>
[41] pry(main)> client = Cql::Client.connect(ssl: ssl_context)
/Users/jason/sade/ione/lib/ione/io/ssl_connection.rb:25: [BUG] Segmentation fault
ruby 2.0.0p481 (2014-05-08 revision 45883) [x86_64-darwin13.1.0]
-- Crash Report log information --------------------------------------------
See Crash Report log file under the one of following: