You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@lucene.apache.org by "Esther Quansah (JIRA)" <ji...@apache.org> on 2016/03/24 17:32:25 UTC

[jira] [Created] (SOLR-8897) SSL-related passwords in solr.in.sh are in plain text

Esther Quansah created SOLR-8897:
------------------------------------

             Summary: SSL-related passwords in solr.in.sh are in plain text
                 Key: SOLR-8897
                 URL: https://issues.apache.org/jira/browse/SOLR-8897
             Project: Solr
          Issue Type: Improvement
          Components: scripts and tools, security
            Reporter: Esther Quansah


As per the steps mentioned at following URL, one needs to store the plain text password for the keystore to configure SSL for Solr, which is not a good idea from security perspective.
URL: https://cwiki.apache.org/confluence/display/solr/Enabling+SSL#EnablingSSL-SetcommonSSLrelatedsystemproperties (https://cwiki.apache.org/confluence/display/solr/Enabling+SSL#EnablingSSL-SetcommonSSLrelatedsystemproperties)
Is there any way so that the encrypted password can be stored (instead of plain password) in solr.in.cmd/solr.in.sh to configure SSL?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@lucene.apache.org
For additional commands, e-mail: dev-help@lucene.apache.org