This project is a simple demo for AWS keyspace. For more application , I also integrate with spring JAP and Mysql
-
You need to generate a truststore.jks file and application.conf
Follow Link Amazon Keyspaces (for Apache Cassandra)
just do it step by step
-
If you have not already done so, sign up for an AWS account by following the steps at Signing up for AWS.
-
Create credentials by following the steps at Creating credentials to access Amazon Keyspaces programmatically.
-
Download the AWS CLI at http://aws.amazon.com/cli .
-
Follow the instructions for Installing the AWS CLI and Configuring the AWS CLI in the AWS Command Line Interface User Guide.
-
Using the AWS CLI, run the following command to generate service-specific credentials for the user
alice
, so that she can access Amazon Keyspaces.aws iam create-service-specific-credential \ --user-name alice \ --service-name cassandra.amazonaws.com
The output looks like the following.
{ "ServiceSpecificCredential": { "CreateDate": "2019-10-09T16:12:04Z", "ServiceName": "cassandra.amazonaws.com", "ServiceUserName": "alice-at-111122223333", "ServicePassword": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY", "ServiceSpecificCredentialId": "ACCAYFI33SINPGJEBYESF", "UserName": "alice", "Status": "Active" } }
-
-
Create a JKS trust store file.
-
Download the Starfield digital certificate using the following command and save
sf-class2-root.crt
locally or in your home directory.curl https://certs.secureserver.net/repository/sf-class2-root.crt -O
-
Convert the Starfield digital certificate into a trustStore file.
openssl x509 -outform der -in sf-class2-root.crt -out temp_file.der keytool -import -alias cassandra -keystore cassandra_truststore.jks -file temp_file.der
In this step, you need to create a password for the keystore and trust this certificate. The interactive command looks like this.
Enter keystore password: Re-enter new password: Owner: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US Issuer: OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US Serial number: 0 Valid from: Tue Jun 29 17:39:16 UTC 2004 until: Thu Jun 29 17:39:16 UTC 2034 .......... ... Trust this certificate? [no]: y
-
-
Create an
application.conf
filedatastax-java-driver { basic.request.consistency = LOCAL_QUORUM basic.contact-points = ["yours"] advanced.auth-provider{ class = PlainTextAuthProvider username = "yours" password = "yours" } basic.load-balancing-policy { local-datacenter = "yours ex: ap-northeast-1" } advanced.ssl-engine-factory { class = DefaultSslEngineFactory truststore-path = "./src/main/resources/cassandra_truststore.jks" truststore-password = "" hostname-validation = false } }
-
-
put
application.conf
andcassandra_truststore.jks
in resources folderspring: main: allow-bean-definition-overriding: true http: encoding: force: true jpa: open-in-view: true properties: hibernate: dialect: org.hibernate.dialect.MySQL5Dialect datasource: url: jdbc:mysql://localhost:3306/animal_sys username: root password: password driver-class-name: com.mysql.cj.jdbc.Driver data: cassandra: config: classpath:application.conf // if use spring-boot-starter-data-cassandra. it works. ssl: true keyspace-name: skskeyspace1 port: 9142 contact-points: cassandra.ap-northeast-1.amazonaws.com username: password: ssl: trustStore: trustStoreLocation: /cassandra_truststore.jks trustStorePassword:
-
more tips for
pom.xml
if you want use mysql comment out follows:
<-- <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-data-jpa</artifactId> </dependency> -->
if you want use spring cassandra auto configure with spring.data.cassandra in properties, add follows
<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-data-cassandra</artifactId> </dependency>