Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-3689

zkCli/ZooKeeperMain relies on system properties for TLS config

    XMLWordPrintableJSON

    Details

      Description

      The command line client to ZooKeeper (org.apache.zookeeper.ZooKeeperMain, invoked via bin/zkCli.

      {bat,sh}

      ) has no facility for accepting TLS client configuration (e.g. keystore/truststore location and password) except via system properties. System properties must be passed on the command line as "-D" arguments and are inherently not secure. There should be a way to pass the client TLS configuration to org.apache.zookeeper.ZooKeeperMain in a more secure way (e.g. via a file).

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                sankalpbhatia Sankalp Bhatia
                Reporter:
                rndgstn Ron Dagostino
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 2.5h
                  2.5h