Was this page helpful?
Caution
You're viewing documentation for an unstable version of Scylla Rust Driver. Switch to the latest stable version.
Driver uses the openssl
crate for TLS functionality.
It was chosen because rustls
doesn’t support certificates for ip addresses
(see issue), which is a common use case for Scylla.
openssl
is not a pure Rust library so you need enable a feature and install the proper package.
To enable the tls
feature add in Cargo.toml
:
scylla = { version = "0.4", features = ["ssl"] }
openssl = "0.10.32"
Then install the package with openssl
:
Debian/Ubuntu:
apt install libssl-dev pkg-config
Fedora:
dnf install openssl-devel
Arch:
pacman -S openssl pkg-config
To use tls you will have to create an openssl
SslContext
and pass it to SessionBuilder
For example, if database certificate is in the file ca.crt
:
use scylla::{Session, SessionBuilder};
use openssl::ssl::{SslContextBuilder, SslMethod, SslVerifyMode};
use std::path::PathBuf;
let mut context_builder = SslContextBuilder::new(SslMethod::tls())?;
context_builder.set_ca_file("ca.crt")?;
context_builder.set_verify(SslVerifyMode::PEER);
let session: Session = SessionBuilder::new()
.known_node("127.0.0.1:9142") // The the port is now 9142
.ssl_context(Some(context_builder.build()))
.build()
.await?;
See the full example for more details
Was this page helpful?
On this page