0

I am trying to convert node.js code to python 2.7. I am trying to connect to cassandra database with certificates.this is my node code.

var ssl_options = {
    key: fs.readFileSync('./certificates/cassandra/client/user.key.pem') ,
    cert: fs.readFileSync('./certificates/cassandra/client/user.cer.pem'),
    ca: [ fs.readFileSync('./certificates/cassandra/server/node0.cer.pem'),
    fs.readFileSync('./certificates/cassandra/server/node1.cer.pem') ]
};

  cassandra_client = new cassandra.Client(
    {
      contactPoints: utils.CASSANDRA_CONTACT_POINTS,
      sslOptions: ssl_options,
      policies: {
        loadBalancing : loadBalancingPolicy
      }
    });

Python code:

from cassandra.cluster import Cluster
from cassandra.policies import DCAwareRoundRobinPolicy


f1 = open("user.key.pem","r")
key = f1.read()
f2= open("user.cer","r")
cert = f2.read()
f3 = open("node1.cer.pem","r").read()
f4 = open("node1.cer.pem","r").read()
ca = [f3,f4]


ssl_options = {
    "key" : key ,
    "cert": cert,
    "ca": ca,
};

cluster = Cluster(
    ['10.0.1.13', '10.0.1.9'],
    load_balancing_policy=DCAwareRoundRobinPolicy(local_dc='dc1'),
    ssl_options=ssl_options)

I get an error

cassandra.cluster.NoHostAvailable: ('Unable to connect to any servers', {'10.0.1.13:9042': TypeError("wrap_socket() got an unexpected keyword argument 'cert'",), '10.0.1.9:9042': TypeError("wrap_socket() got an unexpected keyword argument 'cert'",)})

Am I doing something wrong while reading the certificates ?

chink
  • 1,505
  • 3
  • 28
  • 70

1 Answers1

0

The list of options passed to Python driver is really different from what you're passing in Node.js. You should use something like this (example is taken from documentation):

from cassandra.cluster import Cluster, Session
from ssl import SSLContext, PROTOCOL_TLSv1, CERT_REQUIRED

ssl_context = SSLContext(PROTOCOL_TLSv1)
ssl_context.load_verify_locations('/path/to/rootca.crt')
ssl_context.verify_mode = CERT_REQUIRED
ssl_context.load_cert_chain(
    certfile='/path/to/client.crt_signed',
    keyfile='/path/to/client.key')

cluster = Cluster(['127.0.0.1'], ssl_context=ssl_context)
session = cluster.connect()
Alex Ott
  • 80,552
  • 8
  • 87
  • 132
  • Thanks @Alex !! can the same certification files be used? bcoz the existing certificates are .pem files, while the certificates in examples are .crt_signed , .key files – chink Jul 26 '19 at 04:13
  • just convert them using OpenSSL: https://stackoverflow.com/questions/13732826/convert-pem-to-crt-and-key – Alex Ott Jul 28 '19 at 08:56