Scylla Documentation Logo Documentation
  • Server
    • Scylla Open Source
    • Scylla Enterprise
    • Scylla Alternator
  • Cloud
    • Scylla Cloud
    • Scylla Cloud Docs
  • Tools
    • Scylla Manager
    • Scylla Monitoring Stack
    • Scylla Operator
  • Drivers
    • CQL Drivers
    • DynamoDB Drivers
Download
Menu
Scylla Rust Driver Connecting to the cluster TLS

TLS¶

Driver uses the openssl crate for TLS functionality.
It was chosen because rustls doesn’t support certificates for ip addresses (see issue), which is a common use case for Scylla.

Enabling feature¶

openssl is not a pure Rust library so you need enable a feature and install the proper package.

To enable the tls feature add in Cargo.toml:

scylla = { version = "0.4", features = ["ssl"] }
openssl = "0.10.32"

Then install the package with openssl:

  • Debian/Ubuntu:

    apt install libssl-dev pkg-config
    
  • Fedora:

    dnf install openssl-devel
    
  • Arch:

    pacman -S openssl pkg-config
    

Using TLS¶

To use tls you will have to create an openssl SslContext and pass it to SessionBuilder

For example, if database certificate is in the file ca.crt:

# extern crate scylla;
# extern crate openssl;
use scylla::{Session, SessionBuilder};
use openssl::ssl::{SslContextBuilder, SslMethod, SslVerifyMode};
use std::path::PathBuf;

# use std::error::Error;
# async fn check_only_compiles() -> Result<(), Box<dyn Error>> {
let mut context_builder = SslContextBuilder::new(SslMethod::tls())?;
context_builder.set_ca_file("ca.crt")?;
context_builder.set_verify(SslVerifyMode::PEER);

let session: Session = SessionBuilder::new()
    .known_node("127.0.0.1:9142") // The the port is now 9142
    .ssl_context(Some(context_builder.build()))
    .build()
    .await?;

# Ok(())
# }

See the full example for more details

PREVIOUS
Authentication
NEXT
Making queries
  • Scylla Rust Driver
  • Quick Start
    • Creating a project
    • Connecting and running a simple query
    • Running Scylla using Docker
  • Connecting to the cluster
    • Compression
    • Authentication
    • TLS
  • Making queries
    • Simple query
    • Query values
    • Query result
    • Prepared query
    • Batch statement
    • Paged query
    • USE keyspace
    • Schema agreement
    • Lightweight transaction (LWT) query
  • Data Types
    • Bool, Tinyint, Smallint, Int, Bigint, Float, Double
    • Ascii, Text, Varchar
    • Counter
    • Blob
    • Inet
    • Uuid, Timeuuid
    • Date
    • Time
    • Timestamp
    • Decimal
    • Varint
    • List, Set, Map
    • Tuple
    • User defined types
  • Load balancing
    • Round robin
    • DC Aware Round robin
    • Token aware Round robin
    • Token aware DC Aware Round robin
  • Retry policy configuration
    • Fallthrough retry policy
    • Default retry policy
  • Speculative execution
    • Simple speculative execution
    • Percentile speculative execution
  • Driver metrics
  • Logging
  • Query tracing
    • Tracing a simple/prepared query
    • Tracing a batch query
    • Tracing a paged query
    • Tracing Session::prepare
  • Create an issue
  • Edit this page

On this page

  • TLS
    • Enabling feature
    • Using TLS
Logo
Docs Contact Us About Us
Mail List Icon Slack Icon
© 2022, ScyllaDB. All rights reserved.
Last updated on 17 June 2022.
Powered by Sphinx 4.3.2 & ScyllaDB Theme 1.2.2