ScyllaDB Documentation Logo Documentation
  • Server
    • ScyllaDB Open Source
    • ScyllaDB Enterprise
    • ScyllaDB Alternator
  • Cloud
  • Tools
    • ScyllaDB Manager
    • ScyllaDB Monitoring Stack
    • ScyllaDB Operator
  • Drivers
    • CQL Drivers
    • DynamoDB Drivers
Download
Menu
ScyllaDB Docs Scylla Rust Driver Connecting to the cluster TLS

TLS¶

Driver uses the openssl crate for TLS functionality.
It was chosen because rustls doesn’t support certificates for ip addresses (see issue), which is a common use case for Scylla.

Enabling feature¶

openssl is not a pure Rust library so you need enable a feature and install the proper package.

To enable the tls feature add in Cargo.toml:

scylla = { version = "0.4", features = ["ssl"] }
openssl = "0.10.32"

Then install the package with openssl:

  • Debian/Ubuntu:

    apt install libssl-dev pkg-config
    
  • Fedora:

    dnf install openssl-devel
    
  • Arch:

    pacman -S openssl pkg-config
    

Using TLS¶

To use tls you will have to create an openssl SslContext and pass it to SessionBuilder

For example, if database certificate is in the file ca.crt:

use scylla::{Session, SessionBuilder};
use openssl::ssl::{SslContextBuilder, SslMethod, SslVerifyMode};
use std::path::PathBuf;

let mut context_builder = SslContextBuilder::new(SslMethod::tls())?;
context_builder.set_ca_file("ca.crt")?;
context_builder.set_verify(SslVerifyMode::PEER);

let session: Session = SessionBuilder::new()
    .known_node("127.0.0.1:9142") // The the port is now 9142
    .ssl_context(Some(context_builder.build()))
    .build()
    .await?;

See the full example for more details

PREVIOUS
Authentication
NEXT
Making queries
Scylla Rust Driver
  • main
    • main
  • Scylla Rust Driver
  • Quick Start
    • Creating a project
    • Connecting and running a simple query
    • Running Scylla using Docker
  • Connecting to the cluster
    • Compression
    • Authentication
    • TLS
  • Making queries
    • Simple query
    • Query values
    • Query result
    • Prepared query
    • Batch statement
    • Paged query
    • USE keyspace
    • Schema agreement
    • Lightweight transaction (LWT) query
    • Query timeouts
  • Execution profiles
    • Creating a profile and setting it
    • All options supported by a profile
    • Priorities of execution settings
    • Remapping execution profile handles
  • Data Types
    • Bool, Tinyint, Smallint, Int, Bigint, Float, Double
    • Ascii, Text, Varchar
    • Counter
    • Blob
    • Inet
    • Uuid, Timeuuid
    • Date
    • Time
    • Timestamp
    • Duration
    • Decimal
    • Varint
    • List, Set, Map
    • Tuple
    • User defined types
  • Load balancing
    • DefaultPolicy
  • Retry policy configuration
    • Fallthrough retry policy
    • Default retry policy
    • Downgrading consistency retry policy
  • Speculative execution
    • Simple speculative execution
    • Percentile speculative execution
  • Driver metrics
  • Logging
  • Query tracing
    • Tracing a simple/prepared/batch query
    • Tracing a paged query
    • Tracing Session::prepare
    • Query Execution History
  • Schema
  • Create an issue
  • Edit this page

On this page

  • TLS
    • Enabling feature
    • Using TLS
Logo
Docs Contact Us About Us
Mail List Icon Slack Icon Forum Icon
© 2023, ScyllaDB. All rights reserved.
Last updated on 22 March 2023.
Powered by Sphinx 4.3.2 & ScyllaDB Theme 1.3.5