Keywords: Cassandra - Other - Technical issue - Secure Connections (SSL/HTTPS)
I am trying to setup client SSL on the cassandra cluster which i have deployed on k8s. The helm chart documentation, says i have to create a secret with proper keystore and truststore. The problem that i have here is, for generation keystores i have to generate certs via ips/dns of the nodes(pods in this case), but the ip's will keep on changing with the pod and pod dns will be local to that cluster (My clients can be outside of the k8s cluster hosting cassandra, so can't use this).
I don't want to use hostNet for this as then i will be bound by the cloud machines, and the flexibility k8s gives will be lost.
Please suggest. Also if someone can point out to some valid solutions/discussions/articles for this. Is it possible to do this thing in some other way, will love to have some examples.