[SPARK-46058] Add separate flag for privateKeyPassword - ASF JIRA

Rank to Top

Rank to Bottom

Attach files

Attach Screenshot

Bulk Copy Attachments

Bulk Move Attachments

Voters

Watch issue

Watchers

Create sub-task

Convert to sub-task

Link

Clone

Labels

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 4.0.0
Fix Version/s: 4.0.0
Component/s: Spark Core
Labels:
- pull-request-available

Epic Link:
ssl/tls for rpc and shuffle

Description

Right now with config inheritance we support:

JKS with password A, PEM with password B
JKS with no password, PEM with password A
JKS and PEM with no password

But we do not support the case where JKS has a password and PEM does not. If we set keyPassword we will attempt to use it, and cannot set `spark.ssl.rpc.keyPassword` to null. So let's make it a separate flag as the easiest workaround.

This was noticed while migrating some existing deployments to the RPC SSL support where we use openssl support for RPC and use a key with no password

Attachments

Issue Links

Add Link

links to

GitHub Pull Request #43998

Delete this link

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: Hasnain Lakhani

Reporter:: Hasnain Lakhani

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 22/Nov/23 22:00

Updated:: 30/Jul/24 04:43

Resolved:: 07/Dec/23 01:59

Agile

View on Board

Add separate flag for privateKeyPassword

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates

Agile

Slack

Issue deployment