Details
-
Wish
-
Status: Resolved
-
Minor
-
Resolution: Won't Do
-
None
-
None
-
None
Description
Using ldaps requires to specify a truststore if the CA certificate of the ldap server is not in the cacerts file. The truststore can be set using command line parameters like
-Djavax.net.ssl.trustStore=/appl/amq/security/paul_1_test/paul_1_test_ts.p12
-Djavax.net.ssl.trustStorePassword=changeit
-Djavax.net.ssl.trustStoreType=PKCS12
However this shows the truststore password with the ps -ef command.
Desired solution : adding 3 properties to org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule
connectionTrustStore=
connectionTrustStorePassword=
connectionTrustStoreType=
So the truststore can be specified without showing it in the process list.