You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Erik Bergenholtz (JIRA)" <ji...@apache.org> on 2015/04/29 12:28:06 UTC
[jira] [Created] (AMBARI-10825) Missed Support for Wire Encyption
Erik Bergenholtz created AMBARI-10825:
-----------------------------------------
Summary: Missed Support for Wire Encyption
Key: AMBARI-10825
URL: https://issues.apache.org/jira/browse/AMBARI-10825
Project: Ambari
Issue Type: Bug
Components: ambari-server
Affects Versions: 2.1.0
Reporter: Erik Bergenholtz
Assignee: Antonenko Alexander
Fix For: 2.1.0
I noticed the following things that I believe need to get fixed:
*ssl-client.xml*
# We're missing the ability to track ssl.client.truststore.password
# (New Requirement) We're missing the ability to track the following:
* ssl.client.truststore.password=bigdata
* ssl.client.truststore.reload.interval=10000
* ssl.client.keystore.type=jks
* ssl.client.keystore.location=/etc/security/clientKeys/keystore.jks
* ssl.client.keystore.password=bigdata
The additions (New Requirement) to ssl-client.xml is from some discrepancies I've just noticed between [our documentation|http://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.2.0/HDP_Security_Guide_v22/index.html#Item1.3.4.4] and [Apache's|http://hadoop.apache.org/docs/current/hadoop-mapreduce-client/hadoop-mapreduce-client-core/EncryptedShuffle.html].
*ssl-server.xml*
# The passwords are in clear text and should be 'password' type input fields for ssl.server.keystore.password, and ssl.server.keystore.keypassword.
# We need to add management of ssl.server.truststore.reload.interval with a default value of 10000 with a tooltip value of: "Truststore reload interval, in milliseconds"
# We are missing management of the ssl.server.truststore.password 'password' field.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)