You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@oozie.apache.org by "Mate Juhasz (Jira)" <ji...@apache.org> on 2019/10/16 09:57:00 UTC

[jira] [Assigned] (OOZIE-3549) Add back support for truststore passwords

     [ https://issues.apache.org/jira/browse/OOZIE-3549?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Mate Juhasz reassigned OOZIE-3549:
----------------------------------

    Assignee: Mate Juhasz

> Add back support for truststore passwords
> -----------------------------------------
>
>                 Key: OOZIE-3549
>                 URL: https://issues.apache.org/jira/browse/OOZIE-3549
>             Project: Oozie
>          Issue Type: Improvement
>    Affects Versions: trunk
>            Reporter: Andras Salamon
>            Assignee: Mate Juhasz
>            Priority: Major
>
> OOZIE-3157 removed {{oozie.https.truststore.pass}} property, because we (Oozie + Jetty) don't write the truststore and the password is not required for reading.
> This is no longer true, Java 11's keytool now defaults to creating PKCS12 keystores instead of JKS, and according to [this|https://bugs.launchpad.net/ubuntu/+source/ca-certificates-java/+bug/1771363] bug description "A JKS keystore can be read without supplying a password (or by supplying an empty one) while a PKCS12 keystore requires a password to be set." 
> We should reintroduce this property and allow the it again to specify this password and pass it to jetty.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)