You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@oozie.apache.org by "Andras Salamon (Jira)" <ji...@apache.org> on 2019/10/16 07:41:00 UTC

[jira] [Created] (OOZIE-3549) Add back support for truststore passwords

Andras Salamon created OOZIE-3549:
-------------------------------------

             Summary: Add back support for truststore passwords
                 Key: OOZIE-3549
                 URL: https://issues.apache.org/jira/browse/OOZIE-3549
             Project: Oozie
          Issue Type: Improvement
    Affects Versions: trunk
            Reporter: Andras Salamon


OOZIE-3157 removed {{oozie.https.truststore.pass}} property, because we (Oozie + Jetty) don't write the truststore and the password is not required for reading.

This is no longer true, Java 11's keytool now defaults to creating PKCS12 keystores instead of JKS, and according to [this|https://bugs.launchpad.net/ubuntu/+source/ca-certificates-java/+bug/1771363] bug description "A JKS keystore can be read without supplying a password (or by supplying an empty one) while a PKCS12 keystore requires a password to be set." 

We should reintroduce this property and allow the it again to specify this password and pass it to jetty.




--
This message was sent by Atlassian Jira
(v8.3.4#803005)