From a934ff57cb5c4e7bb6952d75b107ee769c891fb1 Mon Sep 17 00:00:00 2001
From: David Gilardi <david.gilardi@datastax.com>
Date: Thu, 23 Aug 2018 09:49:48 -0400
Subject: [PATCH] Added requestCert and rejectUnauthorized params to sslOptions
 per driver documentation

---
 src/utils/cassandra.js | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/utils/cassandra.js b/src/utils/cassandra.js
index 8b1b30f..e73abbe 100644
--- a/src/utils/cassandra.js
+++ b/src/utils/cassandra.js
@@ -90,7 +90,10 @@ export function getCassandraClientAsync(keyspace, dseUsername, dsePassword) {
         logger.info('SSL is configured to be on.');
         if (Filesystem.existsSync('cassandra.cert')) {
           clientOpts.sslOptions = {
-            ca: [Filesystem.readFileSync('cassandra.cert')]
+            ca: [Filesystem.readFileSync('cassandra.cert')],
+            // validate server cert and reject if not trusted
+            requestCert: true,
+            rejectUnauthorized: true
           };
           logger.info('Found cert, read file sync.')
         } else {