Cassandra requires an SSL connection between the client and the node to enable vSphere Replication Cloud Service to communicate with Cassandra.

Repeat the steps on every Cassandra node.


  1. Generate an SSL certificate by running the following command.
    # /opt/jdk_version/bin/keytool -keystore /etc/cassandra/conf/.keystore \
    -storepass vmware -validity 365 -storetype JKS -genkey -keyalg RSA \
    -alias cass-node-ip-address -dname 'cn=cass-node-ip-address, ou=DR2C, o=VMware, c=US' \
    -keypass vmware
  2. Export the Cassandra certificate to a PEM-formatted file.
    # /opt/jdk_version/bin/keytool -export -rfc \
    -keystore /etc/cassandra/conf/.keystore -storepass vmware \
    -file /root/cloud-cass-node-ip-address-node_number.pem -alias cass-node-ip-address
  3. Copy the .pem certificate file of each Cassandra node to the /root directory of the rest of the Cassandra nodes.
  4. Import each certificate to the truststore of every Cassandra host.
    # /opt/jdk_version/bin/keytool -noprompt -import -trustcacerts \
    -alias cass-node-ip-address -file /root/cloud-cass-node-ip-address-node_number.pem \
    -keystore /etc/cassandra/conf/.truststore -storepass vmware

    Every Cassandra truststore contains a copy of the .pem certificate of all the remaining nodes.