[kea-dev] Cassandra SSL support (peer verify + client cert auth)

Dajka Tamás viper at vipernet.hu
Sat Jan 4 20:34:12 UTC 2020

Dear Devs,


I'm pretty new to KEA, but really interested :) (had been working with the
"old" dhcpd for a long time).


I'm trying to put together a KEA environment with Cassandra cluster backend,
where I'm using cert based auth. (cqlsh from kea server to remove server
with SSL auth works).


Is anyone working on something like this? The only thing I've seen is an ~2
years old PR from Razvan Becheriu (he did only peer verification).


I've checked the latest code and it does not seem impossible to implement.
I'm willing to do so - already did some starting steps - but the first thing
I bumped into is how to get the new keywords accepted by the config - put
into the dictionaries (dhcp6_parser.cc). If nobody is working on something
like this, I'll continue (but will need some help)


The things I'm planning to accomplish for database config:

-          add new token support for"ssl" (bool), "ssl_ca", "ssl_cert",
"ssl_key", "ssl_password"

-          implement datastex driver's possibilities into cql database

-          modify documentation/examples to reflect the changes


Thanks in advance!







-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-dev/attachments/20200104/f266f16d/attachment.htm>

More information about the kea-dev mailing list