You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@storm.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/08/08 18:57:00 UTC
[jira] [Updated] (STORM-3184) Storm supervisor log showing keystore
and truststore password in plaintext
[ https://issues.apache.org/jira/browse/STORM-3184?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
ASF GitHub Bot updated STORM-3184:
----------------------------------
Labels: pull-request-available (was: )
> Storm supervisor log showing keystore and truststore password in plaintext
> --------------------------------------------------------------------------
>
> Key: STORM-3184
> URL: https://issues.apache.org/jira/browse/STORM-3184
> Project: Apache Storm
> Issue Type: Bug
> Components: storm-core
> Affects Versions: 1.1.1
> Reporter: Arpit Khare
> Priority: Major
> Labels: pull-request-available
>
> When we enable SSL for Apache storm, the superviosr log shows the keystore and truststore password in the plaintext
> log name : /var/log/storm/supervisor.log
> {code}
> 2018-05-28 16:21:12.594 o.a.s.d.s.Supervisor main [INFO] Starting supervisor for storm version '1.1.1.3.1.1.0-35'.
> 2018-05-28 16:21:12.595 o.a.s.d.s.Supervisor main [INFO] Starting Supervisor with conf {storm.messaging.netty.min_wait_ms=100, storm.zookeeper.auth.user=null, storm.messaging.netty.buffer_s
> ize=5242880, client.jartransformer.class=org.apache.storm.hack.StormShadeTransformer, storm.exhibitor.port=8080, pacemaker.auth.method=NONE, ui.filter=null, worker.profiler.enabled=false
> ui.https.key.password=pass123
> ui.https.keystore.password=pass123
> {code}
> For the below properties created in custom-storm-site section in Ambari while enabling SSL.
> {code}
> ui.https.key.password=pass123
> ui.https.keystore.password=pass123
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)