shotover/shotover-proxy

Username-password authentication not working when encryption is enabled

Closed this issue · 0 comments

=== This is a blocker for public preview ===

Unable to connect to the cluster using username-password authentication when client-node encryption is enabled.

Client Side Error

[ec2-user ~]$ cqlsh ip-192-168-17-246.us-east-2.compute.internal 6001 --ssl -u <USERNAME> -p <PASSWORD>

Warning: Using a password on the command line interface can be insecure.
Recommendation: use the credentials file to securely provide the password.

Connection error: ('Unable to connect to any servers', {'192.168.17.246:6001': AuthenticationFailed('Failed to authenticate to 192.168.17.246:6001: Error from server: code=0000 [Server error] message="...NoSuchCredentialsException"')})

Detailed stacktrace for NoSuchCredentialsException on Cassandra node can be provided if needed.

Authentication works as expected without encryption, though:

[ec2-user@ip-10-0-81-169 ~]$ cqlsh ip-10-0-100-77.us-east-2.compute.internal 6002 -u <USERNAME> -p <PASSWORD>

Warning: Using a password on the command line interface can be insecure.
Recommendation: use the credentials file to securely provide the password.

Connected to tanvir-pl-cluster-no-encrypt at ip-10-0-100-77.us-east-2.compute.internal:6002
[cqlsh 6.1.0 | Cassandra 4.0.4 | CQL spec 3.4.5 | Native protocol v4]
Use HELP for help.
username@cqlsh> select now() from system.local;

 system.now()
--------------------------------------
 62312bc0-abea-11ed-b7d8-ef0f80af9712

(1 rows)