Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-10307

Provide SSL/TLS keystore password a more secure way

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 6.7, 7.0
    • security
    • None

    Description

      Currently the only way to pass server and client side SSL keytstore and truststore passwords is to set specific environment variables that will be passed as system properties, through command line parameter.

      First option is to pass passwords through environment variables which gives a better level of protection. Second option would be to use hadoop credential provider interface to access credential store.

      Attachments

        1. SOLR-10307.2.patch
          2 kB
          Mano Kovacs
        2. SOLR-10307.patch
          25 kB
          Mano Kovacs
        3. SOLR-10307.patch
          26 kB
          Mano Kovacs
        4. SOLR-10307.patch
          25 kB
          Mano Kovacs

        Issue Links

          is duplicated by

          Improvement - An improvement or enhancement to an existing feature or task. SOLR-8897 SSL-related passwords in solr.in.sh are in plain text

          • Major - Major loss of function.
          • Closed
          relates to

          Improvement - An improvement or enhancement to an existing feature or task. SOLR-10783 Using Hadoop Credential Provider as SSL/TLS store password source

          • Major - Major loss of function.
          • Closed

          Activity

            People

              markrmiller@gmail.com Mark Miller
              manokovacs Mano Kovacs
              Votes:
              0 Vote for this issue
              Watchers:
              11 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: