[SPARK-46058] [CORE] Add separate flag for privateKeyPassword - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 4.0.0
Fix Version/s: 4.0.0
Component/s: Spark Core
Labels:
- pull-request-available

Epic Link:
ssl/tls for rpc and shuffle

Description

Right now with config inheritance we support:

JKS with password A, PEM with password B
JKS with no password, PEM with password A
JKS and PEM with no password

But we do not support the case where JKS has a password and PEM does not. If we set keyPassword we will attempt to use it, and cannot set `spark.ssl.rpc.keyPassword` to null. So let's make it a separate flag as the easiest workaround.

This was noticed while migrating some existing deployments to the RPC SSL support where we use openssl support for RPC and use a key with no password

Attachments

Issue Links

links to

GitHub Pull Request #43998

Activity

People

Assignee:: Hasnain Lakhani

Reporter:: Hasnain Lakhani

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 22/Nov/23 22:00

Updated:: 07/Dec/23 04:58

Resolved:: 07/Dec/23 01:59