Geronimo
  1. Geronimo
  2. GERONIMO-5146

Geronimo should provide a default encrypted password for trustStore and keyStore

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.1.5, 2.2.1, 3.0.0
    • Fix Version/s: 2.1.5, 2.2.1, 3.0.0
    • Component/s: security
    • Security Level: public (Regular issues)
    • Labels:
      None
    • Patch Info:
      Patch Available

      Description

      Geronimo should provide by default encrypted password for trustStore and keyStore. If this is not done than after applying the fix for GERONIMO-4896 it will be required by user to

      1) first start the server w/o using JMXSecure Connector.
      2) Use the deploy.bat encrypt functionality to encrypt the password
      3) ShutDown and start the server with secure JMX.

      1. 5146_21_updated.patch
        2 kB
        Ashish Jain
      2. 5146_21.patch
        1 kB
        Ashish Jain
      3. 5146_one_line_of_code.patch
        2 kB
        Ashish Jain

        Activity

        Hide
        Rex Wang added a comment -

        rev 920174, rev923024 @ br21
        rev923026 @ br22
        rev923027 @ trunk

        Show
        Rex Wang added a comment - rev 920174, rev923024 @ br21 rev923026 @ br22 rev923027 @ trunk
        Hide
        Ashish Jain added a comment -

        Hi Rex, After revision: 920171 in GERONIMO-5156 if a user wants to unlock the default keystore that is geronimo-default. It is required to have an entry in config-substitution.properties with the name geronimo-default=<encrypted_password>. I am uploading a patch file with the name 5146_one_line_of_code.patch. Kindly
        review and apply.

        Thanks
        Ashish

        Show
        Ashish Jain added a comment - Hi Rex, After revision: 920171 in GERONIMO-5156 if a user wants to unlock the default keystore that is geronimo-default. It is required to have an entry in config-substitution.properties with the name geronimo-default=<encrypted_password>. I am uploading a patch file with the name 5146_one_line_of_code.patch. Kindly review and apply. Thanks Ashish
        Hide
        Rex Wang added a comment -

        applied to branch 2.1 @ rev 920174.
        Thanks Ashish!

        Show
        Rex Wang added a comment - applied to branch 2.1 @ rev 920174. Thanks Ashish!
        Hide
        Ashish Jain added a comment -

        Uploading a modified patch which includes the private key alias of the default keystore geronimo-default.

        Show
        Ashish Jain added a comment - Uploading a modified patch which includes the private key alias of the default keystore geronimo-default.
        Hide
        Ashish Jain added a comment -

        Uploading a patch kindy verify and apply.

        Show
        Ashish Jain added a comment - Uploading a patch kindy verify and apply.

          People

          • Assignee:
            Ashish Jain
            Reporter:
            Ashish Jain
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development